Analysis Overview
SHA256
27410bc7be14c47eb58679632c4f683dcd90814191ad030fd254e4ff96646523
Threat Level: Likely malicious
The file inbox.png was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
Event Triggered Execution: Component Object Model Hijacking
A potential corporate email address has been identified in the URL: httpswww.youtube.com@WeAreDevsExploitssubconfirmation1cbrd1
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Network Share Discovery
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Enumerates connected drives
Checks installed software on the system
Checks whether UAC is enabled
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of NtCreateThreadExHideFromDebugger
Checks system information in the registry
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Program Files directory
Drops file in Windows directory
System Network Configuration Discovery: Internet Connection Discovery
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
System policy modification
Suspicious use of FindShellTrayWindow
Checks SCSI registry key(s)
Modifies data under HKEY_USERS
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Uses Volume Shadow Copy service COM API
Modifies Internet Explorer settings
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-13 20:11
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 20:11
Reported
2024-11-13 20:20
Platform
win11-20241007-en
Max time kernel
547s
Max time network
548s
Command Line
Signatures
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe | N/A |
A potential corporate email address has been identified in the URL: httpswww.youtube.com@WeAreDevsExploitssubconfirmation1cbrd1
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files\JJSploit\JJSploit.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Network Share Discovery
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\R15Migrator\Icon_AdapterPaneTab.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Settings\MenuBarAssets\MenuButtonSelected.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\Trust Protection Lists\Mu\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\InGameMenu\TouchControls\move_area_landscape.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaApp\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\show_third_party_software_licenses.bat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\MaterialGenerator\Materials\DiamondPlate.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VoiceChat\MicLight\Error.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\Gamepad\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\ja.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\StudioToolbox\RoundedBorder.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\PlayerList\UnFriend.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\vccorlib140.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\InGameMenu\TouchControls\touch_action_rotate_camera.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\PlayStationController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ViewSelector\left_hover.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_id.dll | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\particles\explosion01_core_main.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\R15Migrator\Icon_DotDotDot.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\common\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VoiceChat\RedSpeakerLight\Unmuted0.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\TopBar\moreOn.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaApp\ExternalSite\guilded_white.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\en-GB.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\families\BuilderSans.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\DarkThemeLoadingCircle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\LayeredClothingEditor\WorkspaceIcons\Cage Mode.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\command.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\InGameMenu\roblox_logo.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\mip_core.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\VisualElements\SmallLogoDev.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VR\hoverPopupLeft.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_mr.dll | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\models\AccessoryAdjustment\Ring.rbxm | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaApp\graphic\playBtnBackground.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChatV2\actions_notificationOff.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\BuilderSans-Bold.otf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\AnimationEditor\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\AnimationEditor\eventMarker_border.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\identity_proxy\win11\identity_helper.Sparse.Dev.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\de.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\StartPage\CityImages.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\StudioToolbox\AssetPreview\star_stroke.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\TerrainTools\mt_sea_level.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Emotes\TenFoot\SelectedGradient.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\sounds\action_jump_land.mp3 | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\MaterialCursor.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\AvatarEditorImages\AvatarEditor_LightTheme.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VoiceChat\Misc\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_sq.dll | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\PlatformContent\pc\textures\sky\sky512_rt.tex | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\MenuBar\icon_chat.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\msedgewebview2.exe.sig | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Windows\Installer\e5a7253.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF9CCBB13E04A807A1.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-de-1901.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-de-1996.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hy.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Part-FR | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\a728abc2-c5e9-4dcd-8fa6-8c844608bccd.tmp | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{ED32CE98-14F7-4B25-AD97-7F0034775067} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF422F180B90752FBF.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hu.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-lt.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_695356870\manifest.fingerprint | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1019815033\manifest.json | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-te.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\LICENSE | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hr.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-und-ethi.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-ga.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-mr.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_101514604\manifest.fingerprint | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1010676493\keys.json | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\msedge_installer.log | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hi.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-kn.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-fr.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-ta.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\manifest.fingerprint | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Part-RU | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-et.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-ka.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1010676493\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Part-IT | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-nl.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-ru.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Part-NL | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_695356870\manifest.json | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-af.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_2005554062\manifest.fingerprint | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_451859795\manifest.fingerprint | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-cu.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-es.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-eu.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_2005554062\crs.pb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_2005554062\ct_config.pb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\manifest.json | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\Installer\{ED32CE98-14F7-4B25-AD97-7F0034775067}\ProductIcon | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-cs.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-de-ch-1901.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-it.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-uk.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1010676493\LICENSE | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\manifest.fingerprint | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-da.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-en-us.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-gl.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Filtering Rules-AA | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-pa.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-sv.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B64905F1-F1AD-466C-B587-339082DB7D18}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000ab2f6650cf45871d0000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000ab2f66500000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff000000000700010000680900ab2f6650000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1dab2f6650000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000ab2f665000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E\@%SystemRoot%\system32\dnsapi.dll,-103 = "Domain Name System (DNS) Server Trust" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E\@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124 = "Document Encryption" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133760024900558913" | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3316A154-AC5C-4126-9021-B201E9C33D7B}\ = "PSFactoryBuffer" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\CurVer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "ServiceModule" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ = "ICredentialDialog" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\ = "URL: Roblox Protocol" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "ServiceModule" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods\ = "23" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.35\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ = "ICurrentState" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 881681.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\JJSploit_8.10.12_x64_en-US.msi:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\fluxus-executor-fluxusofficial.com.apk:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 275708.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreatePermanentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeChangeNotifyPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSyncAgentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeEnableDelegationPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreatePermanentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeChangeNotifyPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSyncAgentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeEnableDelegationPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe | N/A |
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\inbox.png
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff84d653cb8,0x7ff84d653cc8,0x7ff84d653cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1904 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2520 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4184 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5488 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=5788 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5732 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6828 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUIxMUNCNTItQ0IzMS00NzVELTlGOUYtM0VDMUVFQzA1Mzk1fSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyQURBMkFGRi0wQ0Q4LTQ5QjItOUJDQS1GMTYzQTJGMDU0OEZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NDYzMTc3MjMiIGluc3RhbGxfdGltZV9tcz0iNjI0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{AB11CB52-CB31-475D-9F9F-3EC1EEC05395}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUIxMUNCNTItQ0IzMS00NzVELTlGOUYtM0VDMUVFQzA1Mzk1fSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGNkQ1MEFCRi1GNDI1LTQwMDEtOTI3Mi04RjFEOUZBRkNGNUF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NTA3Nzc1MzEiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6320 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2556 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\MicrosoftEdge_X64_130.0.2849.80.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\MicrosoftEdge_X64_130.0.2849.80.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\MicrosoftEdge_X64_130.0.2849.80.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.80 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff79738d730,0x7ff79738d73c,0x7ff79738d748
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7456 /prefetch:8
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\JJSploit_8.10.12_x64_en-US.msi"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7532 /prefetch:1
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 4F82FC9ED51D5EB890B0449E5B16060D C
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Program Files\JJSploit\JJSploit.exe
"C:\Program Files\JJSploit\JJSploit.exe"
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --lang=en-US --mojo-named-platform-channel-pipe=2108.612.3643993215898110269
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=130.0.2849.80 --initial-client-data=0x160,0x164,0x168,0x13c,0x174,0x7ff83a6c4dc0,0x7ff83a6c4dcc,0x7ff83a6c4dd8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1740,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=1772 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=1792,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=1828 /prefetch:11
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2252,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=2268 /prefetch:13
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3000,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=3016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mboost.me/a/P?altId=1yYyS3qNXxnxzviR
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff84d653cb8,0x7ff84d653cc8,0x7ff84d653cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUIxMUNCNTItQ0IzMS00NzVELTlGOUYtM0VDMUVFQzA1Mzk1fSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyOTU3NzY4Qi01QThELTRGOTMtODQ3Qi05NUVBOEU2NjkxQzR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMzAuMC4yODQ5LjgwIiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODY0OTA3NjQ2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTg2NTA1NzQ3NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYxMDQ5MTA2MzYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzI3Y2I3MjlkLWZmOTQtNGQzNC1hYWU0LTMzODVmYTA5YzQ0Yz9QMT0xNzMyMTMzNjEzJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUg1NlpPRzdHWFdNUGRRZCUyYktDZkQ1JTJmVzdWd3pzTWN4NXZjaTRHSGxIU1p6VHNlQ0U3WXd3bGtxWWxQMm1CdjVPZ25QR0tDWE5sNEJmZER6T2xPUGt4ZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3NTA3NjkyMCIgdG90YWw9IjE3NTA3NjkyMCIgZG93bmxvYWRfdGltZV9tcz0iMTY0OTYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MTA0OTYxNjMyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjEyMjU3NDk5MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjc0NTA1MDUxNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjkzMyIgZG93bmxvYWRfdGltZV9tcz0iMjM5NzAiIGRvd25sb2FkZWQ9IjE3NTA3NjkyMCIgdG90YWw9IjE3NTA3NjkyMCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNjIyNDciLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe" -app -clientLaunchTimeEpochMs 0 -isInstallerLaunch 6072
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004E0
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4776,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4796 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=4656,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=748 /prefetch:10
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4796,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4936 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8968 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4956,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=5084 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8972 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=5108,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=5060 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4996,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4928 /prefetch:14
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4920,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=5048 /prefetch:14
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4832,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4908 /prefetch:14
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=5072,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4340 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mboost.me/a/P?altId=1yYyS3qNXxnxzviR
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff84d653cb8,0x7ff84d653cc8,0x7ff84d653cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7900 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:kDxvS_3ijIhaksNmkvK-1Wxse0bbQFgizzomrIuCfXZ4UwMwE9NFXPEpPaitOl7QObYEyOozKvvjvj-6V3AYJeQwvg_egKRHEEzRO5amxvap7qKJCx9dUNuvkwNekH-eyhkPHncn7gEIp91Zvg0LDgpp1ed8MnNLaKI2_G2h6CkwOq_FnAKffh0xzd-6myKI0cwWGrCOuuSFJbbYuHUUqplk1OLchj5nT2-e2RuMoeQ+launchtime:1731528769664+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1731528712128001%26placeId%3D142823291%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Df0266778-8c24-48ce-bef6-43a71b2c678f%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1731528712128001+robloxLocale:en_us+gameLocale:en_us+channel:zliveforbeta+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8560 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B64905F1-F1AD-466C-B587-339082DB7D18}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B64905F1-F1AD-466C-B587-339082DB7D18}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe" /update /sessionid "{E6BC0211-459C-4206-B7CD-D0D2A20E04AE}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTZCQzAyMTEtNDU5Qy00MjA2LUI3Q0QtRDBEMkEyMEUwNEFFfSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins0OEU1OEQyNS01RDg1LTQzNEQtQUYwQy1BNTFDQTNFOTk0NTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE5NS4zNSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkzMzIwOTM0OTQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTMzMjI0MzU2MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTM0OTM1MTc2MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzY4ZDU3N2EwLTFmNGEtNDM0Zi1iZGNlLTE0OGVkYzFlNGE0MD9QMT0xNzMyMTMzOTYwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUtiSWJtVW1lWG1YZzIzdTFIRGR0MEh0WG16RFBib1AwWmZWOFRCSGZSOHV6cjlkNHZ3M01QYmFGb2xBb3VpSmpJbXplVzd5enQ0dXpPdlZzZlhyOVFBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjMiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTM0OTM2MzU3OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNjhkNTc3YTAtMWY0YS00MzRmLWJkY2UtMTQ4ZWRjMWU0YTQwP1AxPTE3MzIxMzM5NjAmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9S2JJYm1VbWVYbVhnMjN1MUhEZHQwSHRYbXpEUGJvUDBaZlY4VEJIZlI4dXpyOWQ0dnczTVBiYUZvbEFvdWlKakltemVXN3l6dDR1ek92VnNmWHI5UUElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjM1OTIwIiB0b3RhbD0iMTYzNTkyMCIgZG93bmxvYWRfdGltZV9tcz0iMTU2MyIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MzQ5MzkzNzU0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkzNTQ2ODM1MjMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzc2MDAyNzIwNzY3Mjc4MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTMwLjAuMjg0OS44MCIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiB1cGRhdGVfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzc2MDAyNDg3Mzk2NDQwMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7Q0RFQzdCQjAtQkQ2Mi00QzhCLTkyN0UtRkZERUJCNDAzODhEfSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{E6BC0211-459C-4206-B7CD-D0D2A20E04AE}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTZCQzAyMTEtNDU5Qy00MjA2LUI3Q0QtRDBEMkEyMEUwNEFFfSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RkMzNTYzMTEtMURCQS00Mjc3LUFCMjQtOENFNDhFOEY0QUM4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xOTUuMzUiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MzE1Mjg4MDkiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkzNzIxMzM3MDIiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7552 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12744 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| GB | 88.221.135.11:443 | www.bing.com | tcp |
| GB | 128.116.119.4:80 | presence.roblox.com | tcp |
| GB | 128.116.119.4:80 | presence.roblox.com | tcp |
| GB | 128.116.119.4:443 | presence.roblox.com | tcp |
| GB | 2.18.190.78:443 | static.rbxcdn.com | tcp |
| FR | 18.245.199.98:443 | css.rbxcdn.com | tcp |
| FR | 18.245.199.98:443 | css.rbxcdn.com | tcp |
| FR | 18.245.199.98:443 | css.rbxcdn.com | tcp |
| FR | 18.245.199.98:443 | css.rbxcdn.com | tcp |
| FR | 18.245.199.98:443 | css.rbxcdn.com | tcp |
| FR | 18.245.199.98:443 | css.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | js.rbxcdn.com | tcp |
| FR | 3.164.163.59:80 | crt.rootg2.amazontrust.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 155.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.199.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.163.164.3.in-addr.arpa | udp |
| GB | 128.116.119.3:443 | roblox.com | tcp |
| GB | 128.116.119.4:443 | privatemessages.roblox.com | tcp |
| GB | 128.116.119.4:443 | privatemessages.roblox.com | tcp |
| GB | 104.77.118.82:443 | apis.rbxcdn.com | tcp |
| FR | 18.245.199.98:443 | css.rbxcdn.com | tcp |
| FR | 13.32.145.114:443 | images.rbxcdn.com | tcp |
| FR | 13.32.145.114:443 | images.rbxcdn.com | tcp |
| FR | 13.32.145.114:443 | images.rbxcdn.com | tcp |
| FR | 13.32.145.114:443 | images.rbxcdn.com | tcp |
| FR | 13.32.145.114:443 | images.rbxcdn.com | tcp |
| FR | 13.32.145.114:443 | images.rbxcdn.com | tcp |
| FR | 18.245.175.6:443 | arkoselabs.roblox.com | tcp |
| GB | 128.116.119.4:443 | privatemessages.roblox.com | tcp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | usermoderation.roblox.com | udp |
| US | 8.8.8.8:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 8.8.8.8:53 | atl1-128-116-99-3.roblox.com | udp |
| US | 8.8.8.8:53 | cdg1-128-116-122-3.roblox.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| GB | 2.18.190.74:443 | t7.rbxcdn.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| GB | 88.221.135.1:443 | th.bing.com | tcp |
| GB | 95.101.143.195:443 | th.bing.com | tcp |
| GB | 95.101.143.195:443 | th.bing.com | tcp |
| GB | 88.221.135.1:443 | th.bing.com | tcp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| US | 128.116.95.3:443 | dfw2-128-116-95-3.roblox.com | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| FR | 18.245.199.123:443 | sc0aws.rbxcdn.com | tcp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| GB | 128.116.119.4:443 | followings.roblox.com | tcp |
| GB | 2.19.252.160:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:50967 | tcp | |
| GB | 128.116.119.4:443 | followings.roblox.com | tcp |
| GB | 88.221.180.17:443 | clientsettingscdn.roblox.com | tcp |
| GB | 2.19.252.160:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:50972 | tcp | |
| GB | 2.19.252.160:443 | setup.rbxcdn.com | tcp |
| GB | 2.19.252.160:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:50987 | tcp | |
| US | 4.151.228.221:443 | msedge.api.cdp.microsoft.com | tcp |
| GB | 2.18.190.81:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 172.67.155.126:80 | jjsploit.net | tcp |
| US | 172.67.155.126:80 | jjsploit.net | tcp |
| US | 172.67.155.126:443 | jjsploit.net | tcp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | tcp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.179.225:443 | lh3.googleusercontent.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | forum.wearedevs.net | udp |
| US | 8.8.8.8:53 | forum.wearedevs.net | udp |
| US | 104.26.7.147:443 | forum.wearedevs.net | udp |
| US | 104.26.7.147:443 | forum.wearedevs.net | tcp |
| US | 104.26.7.147:443 | forum.wearedevs.net | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| N/A | 127.0.0.1:443 | tcp | |
| US | 8.8.8.8:53 | api.mboost.me | udp |
| US | 8.8.8.8:53 | api.mboost.me | udp |
| US | 172.67.214.146:443 | api.mboost.me | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 104.21.67.56:443 | api.mboost.me | udp |
| US | 172.67.214.146:443 | api.mboost.me | tcp |
| US | 172.67.214.146:443 | api.mboost.me | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 104.26.7.147:443 | forum.wearedevs.net | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.179.225:443 | lh3.googleusercontent.com | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| GB | 216.58.213.22:443 | i.ytimg.com | tcp |
| BE | 66.102.1.84:443 | accounts.google.com | tcp |
| BE | 66.102.1.84:443 | accounts.google.com | udp |
| DE | 172.217.133.198:443 | rr1---sn-4g5edndk.googlevideo.com | tcp |
| DE | 172.217.133.198:443 | rr1---sn-4g5edndk.googlevideo.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| DE | 172.217.133.198:443 | rr1---sn-4g5edndk.googlevideo.com | tcp |
| DE | 172.217.133.198:443 | rr1---sn-4g5edndk.googlevideo.com | tcp |
| GB | 216.58.213.22:443 | i.ytimg.com | udp |
| GB | 216.58.201.97:443 | yt3.googleusercontent.com | udp |
| DE | 172.217.133.198:443 | rr1---sn-4g5edndk.googlevideo.com | tcp |
| DE | 172.217.133.198:443 | rr1---sn-4g5edndk.googlevideo.com | tcp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.204.70:443 | static.doubleclick.net | tcp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | tcp |
| GB | 128.116.119.4:443 | followings.roblox.com | tcp |
| N/A | 127.0.0.1:52542 | tcp | |
| N/A | 127.0.0.1:52546 | tcp | |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 204.79.197.239:443 | tcp | |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 142.250.180.3:443 | ssl.gstatic.com | tcp |
| GB | 95.101.143.219:443 | www.bing.com | tcp |
| GB | 88.221.135.25:443 | th.bing.com | tcp |
| GB | 88.221.135.42:443 | www.bing.com | tcp |
| GB | 88.221.135.42:443 | www.bing.com | tcp |
| GB | 88.221.135.25:443 | th.bing.com | tcp |
| US | 104.26.13.46:443 | quackr.io | tcp |
| US | 104.26.13.46:443 | quackr.io | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | tcp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| DK | 157.240.200.14:443 | connect.facebook.net | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| BE | 66.102.1.84:443 | accounts.google.com | udp |
| GB | 88.221.135.25:443 | th.bing.com | tcp |
| US | 172.66.40.143:443 | receive-smss.com | tcp |
| US | 172.66.40.143:443 | receive-smss.com | tcp |
| US | 172.66.40.143:443 | receive-smss.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| GB | 142.250.179.225:443 | lh3.googleusercontent.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.179.225:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 172.67.214.146:443 | api.mboost.me | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.200.34:443 | partner.googleadservices.com | tcp |
| GB | 142.250.179.225:443 | lh3.googleusercontent.com | udp |
| US | 204.79.197.239:443 | tcp | |
| GB | 142.250.179.227:443 | p4-a2luscgsdk7f2-t2boodilsyfk2fsx-if-v6exp3-v4.metric.gstatic.com | tcp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.179.227:443 | p4-a2luscgsdk7f2-t2boodilsyfk2fsx-if-v6exp3-v4.metric.gstatic.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 216.58.213.22:443 | i.ytimg.com | udp |
| FR | 172.217.133.7:443 | rr2---sn-hgn7rn7y.googlevideo.com | tcp |
| FR | 172.217.133.7:443 | rr2---sn-hgn7rn7y.googlevideo.com | tcp |
| FR | 172.217.133.7:443 | rr2---sn-hgn7rn7y.googlevideo.com | tcp |
| FR | 172.217.133.7:443 | rr2---sn-hgn7rn7y.googlevideo.com | tcp |
| FR | 172.217.133.7:443 | rr2---sn-hgn7rn7y.googlevideo.com | tcp |
| FR | 172.217.133.7:443 | rr2---sn-hgn7rn7y.googlevideo.com | tcp |
| GB | 216.58.201.97:443 | yt3.googleusercontent.com | udp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i2-v6exp3.v4.metric.gstatic.com | udp |
| GB | 142.250.200.50:443 | p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i1-v6exp3.ds.metric.gstatic.com | tcp |
| GB | 216.58.204.82:443 | p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i2-v6exp3.v4.metric.gstatic.com | tcp |
| GB | 142.250.200.50:443 | p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i1-v6exp3.ds.metric.gstatic.com | tcp |
| GB | 216.58.204.82:443 | p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i2-v6exp3.v4.metric.gstatic.com | tcp |
| US | 8.8.8.8:53 | 50.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.204.58.216.in-addr.arpa | udp |
| US | 172.67.214.146:443 | api.mboost.me | udp |
| US | 204.79.197.239:443 | tcp | |
| GB | 216.58.212.195:443 | p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-s1-v6exp3-v4.metric.gstatic.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 172.66.42.247:443 | resources.infolinks.com | tcp |
| GB | 216.58.204.74:443 | imasdk.googleapis.com | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| BE | 66.102.1.84:443 | accounts.google.com | udp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | tcp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 88.221.135.25:443 | www.bing.com | tcp |
| GB | 88.221.135.25:443 | www.bing.com | tcp |
| GB | 88.221.135.25:443 | www.bing.com | tcp |
| GB | 88.221.135.25:443 | www.bing.com | tcp |
| GB | 88.221.135.25:443 | www.bing.com | tcp |
| BE | 66.102.1.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 88.221.135.34:443 | r.bing.com | tcp |
| GB | 88.221.135.34:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 8.8.8.8:53 | 201.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.135.221.88.in-addr.arpa | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| NL | 4.175.87.113:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 199.232.214.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 95.101.143.201:443 | th.bing.com | tcp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 172.67.142.26:443 | fluxusofficial.com | tcp |
| US | 172.67.142.26:443 | fluxusofficial.com | tcp |
| US | 172.67.142.26:443 | fluxusofficial.com | tcp |
| US | 8.8.8.8:53 | pin.it | udp |
| GB | 143.244.38.136:443 | images.dmca.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| US | 172.67.142.26:443 | dl.fluxusofficial.com | tcp |
| US | 172.67.142.26:443 | dl.fluxusofficial.com | tcp |
| BE | 66.102.1.84:443 | accounts.google.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 172.67.73.98:443 | temp-mail.org | tcp |
| US | 172.67.73.98:443 | temp-mail.org | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 98.73.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| GB | 159.65.211.77:443 | srv.buysellads.com | tcp |
| US | 172.66.43.196:443 | cdn.paddle.com | tcp |
| US | 172.67.73.98:443 | web2.temp-mail.org | tcp |
| GB | 159.65.211.77:443 | srv.buysellads.com | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| FR | 3.165.118.121:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.200.34:443 | ep1.adtrafficquality.google | udp |
| FR | 52.84.174.60:443 | config.aps.amazon-adsystem.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| GB | 159.65.211.77:443 | srv.buysellads.com | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | rt.marphezis.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | ex.ingage.tech | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| FR | 18.155.129.39:443 | tags.crwdcntrl.net | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| US | 178.128.135.33:443 | exchange.cootlogix.com | tcp |
| US | 178.128.135.33:443 | exchange.cootlogix.com | tcp |
| US | 178.128.135.33:443 | exchange.cootlogix.com | tcp |
| US | 178.128.135.33:443 | exchange.cootlogix.com | tcp |
| US | 178.128.135.33:443 | exchange.cootlogix.com | tcp |
| US | 178.128.135.33:443 | exchange.cootlogix.com | tcp |
| NL | 188.166.203.175:443 | rt.marphezis.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| US | 172.64.146.150:443 | ex.ingage.tech | tcp |
| FR | 18.244.28.86:443 | hb.yellowblue.io | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 172.64.146.150:443 | ex.ingage.tech | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| GB | 142.250.200.34:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.175.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.135.128.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.34.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9143e91fc55148df2fac1ea55688c6cb.safeframe.googlesyndication.com | udp |
| GB | 142.250.200.1:443 | 9143e91fc55148df2fac1ea55688c6cb.safeframe.googlesyndication.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| GB | 142.250.200.34:443 | ep1.adtrafficquality.google | udp |
| FR | 185.235.86.160:443 | ag.gbc.criteo.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| FR | 185.235.86.49:443 | gem.gbc.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| GB | 104.77.118.82:443 | hb.trustedstack.com | tcp |
| NL | 103.67.200.72:443 | sync.adkernel.com | tcp |
| FR | 163.5.194.35:443 | prebid.a-mo.net | tcp |
| US | 151.101.129.108:443 | acdn.adnxs.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| IE | 34.249.87.237:443 | ap.lijit.com | tcp |
| US | 69.55.55.219:443 | sync.cootlogix.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| FR | 3.165.113.91:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 104.18.6.198:443 | gum.aidemsrv.com | tcp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| US | 107.22.211.243:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | 237.87.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.202.195.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.55.55.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.113.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.6.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| GB | 2.18.190.80:443 | player.aniview.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| FR | 5.196.111.68:443 | ssbsync.smartadserver.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| DE | 148.251.40.113:443 | sync.richaudience.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 54.83.39.146:443 | api-2-0.spot.im | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 64.202.112.255:443 | b1sync.zemanta.com | tcp |
| NL | 35.214.149.211:443 | csync.loopme.me | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 64.202.112.255:443 | b1sync.zemanta.com | tcp |
| US | 52.55.55.106:443 | sync.srv.stackadapt.com | tcp |
| IE | 54.171.224.40:443 | jadserve.postrelease.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.8.8.8:53 | 113.40.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.39.83.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.224.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.55.55.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 051a939f60dced99602add88b5b71f58 |
| SHA1 | a71acd61be911ff6ff7e5a9e5965597c8c7c0765 |
| SHA256 | 2cff121889a0a77f49cdc4564bdd1320cf588c9dcd36012dbc3669cf73015d10 |
| SHA512 | a9c72ed43b895089a9e036aba6da96213fedd2f05f0a69ae8d1fa07851ac8263e58af86c7103ce4b4f9cfe92f9c9d0a46085c066a54ce825ef53505fdb988d1f |
\??\pipe\LOCAL\crashpad_5712_GASHLDKCAJWADTPM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 003b92b33b2eb97e6c1a0929121829b8 |
| SHA1 | 6f18e96c7a2e07fb5a80acb3c9916748fd48827a |
| SHA256 | 8001f251d5932a62bfe17b0ba3686ce255ecf9adb95a06ecb954faa096be3e54 |
| SHA512 | 18005c6c07475e6dd1ec310fe511353381cf0f15d086cf20dc6ed8825c872944185c767f80306e56fec9380804933aa37a8f12c720398b4b3b42cb216b41cf77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bda64c2aa3f447c45c290cc8b9c0ffe5 |
| SHA1 | d313bd06a61fd12c52f371e238fc5f2742159d72 |
| SHA256 | aaec314ebf4991c6198dba24323fb14ad231f4c1ca43c1b528c75ad6376668bf |
| SHA512 | 2d3f5b13acf9a90bec3743d2479a2bdf90e0721372f59410c8264e3c08f3a36d449403b7d4cdd61d6c40cc99490141771625594080135892315e0eef5a694b06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 96444323a4181fa7bb1a15b81eab7096 |
| SHA1 | 6a5209eab9367eabafcac5ce478c2980bb7ccce5 |
| SHA256 | 7b85a7f6d9df9052205ec0a2a69ea1c0659ab686ef05d2cb63f91d0975229370 |
| SHA512 | 11e2272a40c389dc59a5f316eda88e6d15c0adceca20002c14480c7fa315d0833866ae0e502c856c2d7522c9d3be6db08029effbecea735197a683c939aafc8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c146cd7340cde8c835ab9941005a264b |
| SHA1 | 3c4a19dca7ec0bd66d0241e37472bf9d2a9f9986 |
| SHA256 | 2334cd40d3bc9300a454af88d566428696a41abc2ded7e4bd67818d02602d9e7 |
| SHA512 | c35557eb0a0e7f8233b054ce36ccfa2ab6078e3079bb34be5839934844973da74d3e70d6d91e7e58b9477a0302dd90d31bc57d559ccdf6375c4a5f40fd271660 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bcffd46f40e1de5a3021b97369217386 |
| SHA1 | 3fd8905eebc888c494232d1a4022d3c52c0db33b |
| SHA256 | 08f646bdbf1ecf56d4f01d73f92ddd0089934813b6d03145f6046988469719d9 |
| SHA512 | 6e5e15d325b3287b56005bb81129533d5ee56e675cbcc874edcbc50bd68c94f78f34b86079fffb13758cb9920ed6c6973d685f0ef04ca23a8ee8bae948070de6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d846163cf11e9c9225bee06b70942123 |
| SHA1 | 5b65ef1e22d628a637f57696315d6c23fb2e0ec2 |
| SHA256 | 6db55ad0b152c496e5ec38ef7a4de9dce8aea791ad415a967f5aca862c08df70 |
| SHA512 | 5dc12ce618f4c5a5e15353062c175bed479bb73ca598f33db41aabc12db1d6f3e9b2f8da77017cd0a490d104a4bc9a1a3c7ab8d37c5bdab4f644eafd711e5c6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 371f10b77cdd6f75ab1ba4db62b3ac62 |
| SHA1 | c58a5c1fa64ce665b63dc57762e760995b4e9f91 |
| SHA256 | 0429604462d428720f1db1d9f832c5a33e1ddeb6cf7f9cccb36a343787d6eb32 |
| SHA512 | dd5d2d81e9b1e57ca0582639591c90586e074905eaa6f18934a90d9cd220f44431c849a27a28b6b6b9f57fd2f48fd4082d54336fdf23cfa3bb8243e13b8dd627 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5824d9.TMP
| MD5 | f2c321217c62ac32a2f4586bc27fd022 |
| SHA1 | 476fbfa2ee3a52b9b0ea1fdfca77aa87ec48da22 |
| SHA256 | 299a7f906ed621cfa6cfef4c73fe94f042921506f4a385bc12dbbc880e092388 |
| SHA512 | 48a07759b3186cda2568496d40abe334179808532c6da229a7e57c61682e9106ec8b150f7fdffe6e52cd62d2a982643e70cf834622ee99443dcc2b22949e9c5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 46908b16a1d5cecab52d19370064f415 |
| SHA1 | 4d3846e9a8933a56facfe29610f74fdf44143343 |
| SHA256 | 27592b6400f10c0a24f62fb501603e18710e8e091ca18b5023610253ce526539 |
| SHA512 | 835f2ae66f0e42213ba89150dceb04ccecbb2fc173b4f27b1a0fe8ed3d19791927fdd22984b136b60b307dc27ffbdc0dd4bcbc79cf970b5ea37c203970c40a43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 169a89e3e75c292699cf32eed48f19d3 |
| SHA1 | a952a8f4b17109d31172512b933c265b8b6f638d |
| SHA256 | 9ad53b9842885f033796e7bfdbc1ffa8bb12e98626c78e6e3c1486d5249c40c1 |
| SHA512 | 352808c81d6defe617dd1b6446409770f72aa22f15e1350c7adb16ee6b9b0d1f20f06b4ec33734a4d2f9dfadd42679839e574ed89793a82cf65badaa2758c8d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | eee34598626a6b97022e4fbdde0637d8 |
| SHA1 | dfa130caf6e3c32cc039f7999a3f32f87c64e3f9 |
| SHA256 | 8d258616c4205d8ab412f3395b4a3cafbf7f04cae3ea4ec0f62961341ff4aeed |
| SHA512 | 3055d7c6c2917d0ebf8a7aaf49154602b4d964fdfbff3af76d770aea61f1f324b526b24cc10cd60e7309351dff59bbf0249ced047d7e99d126576b5333506fba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c9aee405415ff6822a83560491ea0e04 |
| SHA1 | 53d0d4ef0ecdb0128270f2aa800285aa8bd09931 |
| SHA256 | 93595392e2dabfb3da9d097bd00600d1a7f57943414102a9c51ce5a68655ae84 |
| SHA512 | f573fdb631f6c2d6dd11588c59934457a4cf392fe8d9d9ac2dab223176dba49fef83c8a63c3617d9037679ba5450257812d5e44dc38fda10a450532a5575c007 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 250b7f0cd262884ae582010a340e97c9 |
| SHA1 | d19cb0ee9ef8dc4ebc074300ea56b07173a39836 |
| SHA256 | 2e70debc88778e521f53f0a2d52244038e5242e6ad3a9f2642f415fa9d4369e8 |
| SHA512 | 2cdd09e1b0fecb46807cc29be95866175b5a58e93f9510b519693d2254891b1e7ee9810ca5cd953911464401600a36292db82e5517ae6fa5aaee280699401c56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | bfd9031786ea04b64b5a183d5207527e |
| SHA1 | cb9485e6f785315c3f8cbd9ccc0b210d20167668 |
| SHA256 | 33664a2bb1dd0a28cf0323960a2233024d3a5cb0c103b786ec17334b3b982292 |
| SHA512 | 5c8bc93e404b254281d06c8f2ebcb53e7fd25f7971741a142d532731a2246ff7b69ca9e5defac075eedc87f9bc4f0990873b155d3c6ea50b534f36908b2be379 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 8a488b37cbe4a4f4b4b26de55c3eeb55 |
| SHA1 | 9fefbc8936a5ecc60d50389f2a38d876e3638ea7 |
| SHA256 | 7ece8f0de043806a95c9bc665d6f2a3a6317779b0c3fa02cd5abb71d53edbcde |
| SHA512 | ae7a867bd8a2f3d8af6aa4dc4aea7f489362b6dbcc2ded7df0cce20624b59fe69371ecd47925056b5ee6f1ecde5643f7fab7c99391eaf1508540692b4042bdbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe58a96a.TMP
| MD5 | b52868939cd3f10dda5ce90659e15ba5 |
| SHA1 | 640436d0c35957cf57409d55bff1d16e80b1bcab |
| SHA256 | 186f0646a3e613422c0a06b8f0f26bd3b6dc7b02819601a90223f974b29d7156 |
| SHA512 | 94fbeaabb16ebc4b551e5a4bd24c36833f32a9b8e8f445f8c1e4df13ac378d163676012e6031a3f67908c489cb0314c3d1d496ce76150d3fe9a72da997b1cdf7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ca
| MD5 | 588ee33c26fe83cb97ca65e3c66b2e87 |
| SHA1 | 842429b803132c3e7827af42fe4dc7a66e736b37 |
| SHA256 | bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760 |
| SHA512 | 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fe69444069ad605c5e7b6e6b6154a2f8 |
| SHA1 | 9e842581b8d496455dbaa9566136a7cff29732d5 |
| SHA256 | 86fc87e36c807c1bff220fca62fa50205812f1af00fc80c75acd9de4b3bc4d7c |
| SHA512 | 749e045e9c1827628fafb2a38cb33104b8e472fd730b6843d910f3104ce17b2bb734b5a6fad4e77e2477d8c95f4f685c702554ddaf51539420878d08cc527261 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 32887dcc68b846219a391bf149699d87 |
| SHA1 | fa3e92f940e0d7b3e68ac956558f12703adcc31e |
| SHA256 | 640a41ffcc635393ec12a22beb8c0c1ff20501bca7affd68b3f207872223df84 |
| SHA512 | c44a1fde2d4bc3134a17ba283f4cb35fe10b5b5b36e0d3ea57493e532553db9a20f5e90c279dc482dc8aa3c011c66aa2bc350686b2d24de9b649072f25f618e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2703795398072a0b4dc616771d1591c7 |
| SHA1 | 585201e4ee2ffee7224b18a85fe60b204d319538 |
| SHA256 | 1b957fbad3f1a1805afd585933986b9a8c1228ecb6eac1375fbce488090ac1de |
| SHA512 | c9617376167e862b4e65f322d67932d0335139c49c694c748cd03ca64d35828ac8d65a6d8a94c4cf16d0a9b3b17fc3cacfb83df5d7bfc4f09a48d615f16fe06b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 142c0a453b5da2636d27e0d51cdc9318 |
| SHA1 | af84c800c0beb7ad1299300a72d0d9af6191b4a9 |
| SHA256 | df356b2634fd8e30e0649fe37f2348d1ba337c235e74039e134caa14b1d2bf35 |
| SHA512 | 4045b411df00f78c8a16bdc797d40643bd8c624f07b643b5390b472bf87469e05e0b65559c2a9c3411c038f3432a691b32eeffb37e8446056c4c3ff62548fa98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8594f66dbf20dc692e41b755e2ae8769 |
| SHA1 | 6722253fdace8e7622150c3e7f35075965de5876 |
| SHA256 | b086659dc13d65d48d932b4c6aef09d212e3970158b281a04acf635f11b9c8f7 |
| SHA512 | a84c40e4693438b53d4aa43d4af0204bf085a6337c60daa47701c862bb9754de18332ae0e7d4c3abb2950e3847955ef355945c70cf374be5e78a0a46eb3fe75a |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | da5705f4ae30d837139cb7380d941e1b |
| SHA1 | 08ae6cb9b2703df17b2bf554586a36f4b73502a6 |
| SHA256 | 9f205a55a45a2a45d2ebb98afb21499b191a4b2e26f4311568d0337b32faa1ca |
| SHA512 | f3042947d05222aff5facc14ac6123380d502435e98608dc6d053848997cdd0fb22b121a381e67df893c15ae14ed836a58fca5898540ea5dfb0a0da32ed8dbef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c3f7959a379f01c470aa455b4d397547 |
| SHA1 | 560e1d2a134cb2756934c97004f289854225b8be |
| SHA256 | 06bb65321e33ffb571ac47972db5913502c5e9ced3b993ede7717edc91b20989 |
| SHA512 | 3c900036259ff330a8c8dd77f7b7c7f7aeec0b6d858d597aece1236aa01218df893fc9d097d1a51d2720a02381d7c15f51919bfd9822f0cccc0210205964d46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 07fcfc831059346a54389f2ac9ae476f |
| SHA1 | 66a1c20fe7a0427003c036f8f929d583505919d4 |
| SHA256 | a879069daffb2cca8e67f6fb116141e7c59ccd77d4355b7fc8f6e21c99c6b68c |
| SHA512 | 2c609bd179d09b7c38077883fd84ec7c9c0946bc7deaef5260f5c06157f54811413ea33fcd51358fbf0a8c907e9c4c5408d693c98a2440f0f4f3463680649ff8 |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | b68e7f7ae52ef8e962723c7ddda4f75d |
| SHA1 | 686bdf2057cdd7b16877fb5eec0aff150fa074d0 |
| SHA256 | d779b2acc52b4b3e72c1461dbc7e950f0b650e924b3799db425942f64624e94d |
| SHA512 | cb0ecf531c95d657019b0188e648520b36b8386516d2e640239d99972ae44439d21ec6fcbe7902fc59c6f65db3571db0944e48f2207a442f3be5d10c9655bbb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1bb7cbdf07397c8d81864e507966527e |
| SHA1 | 418ce22fe39e826ce8e89bdb90e7a35e2acf99cc |
| SHA256 | 7949db0d9ffd4f258d54d0909f18ab18c059a6f3c99cce95da7801059a33d011 |
| SHA512 | 7a6899b84f40488e68b27b8d923ddefb605bb1ecda09094f004fe814347c4f1c06f8656173e0dca38d2d36f2624a12a73e03f96528ba9d279217c1f0ae10ce28 |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\7f3632afdee7118812dd116069729b41
| MD5 | 7f3632afdee7118812dd116069729b41 |
| SHA1 | ed116033aff765c3eb24c3059aff6c6fb0be0c0c |
| SHA256 | 6c98e86a6d732761ef8b8b2df2646f55190657e02201ec8ab8b9137345154c5a |
| SHA512 | 44948874e9d243c234882ab1db269fd729f57ad5fb36a3b22428e0d78a9fe5a05366ed2eb97d0331caa0ef1b622528130344016e13f809b266dc1bdc10ebf9ed |
C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_az.dll
| MD5 | 7937c407ebe21170daf0975779f1aa49 |
| SHA1 | 4c2a40e76209abd2492dfaaf65ef24de72291346 |
| SHA256 | 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9 |
| SHA512 | 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_bg.dll
| MD5 | 8375b1b756b2a74a12def575351e6bbd |
| SHA1 | 802ec096425dc1cab723d4cf2fd1a868315d3727 |
| SHA256 | a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105 |
| SHA512 | aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_bn.dll
| MD5 | 7dc58c4e27eaf84ae9984cff2cc16235 |
| SHA1 | 3f53499ddc487658932a8c2bcf562ba32afd3bda |
| SHA256 | e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98 |
| SHA512 | bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a94cf5e8b1708a43393263a33e739edd |
| SHA1 | 1068868bdc271a52aaae6f749028ed3170b09cce |
| SHA256 | 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c |
| SHA512 | 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_ca.dll
| MD5 | 39551d8d284c108a17dc5f74a7084bb5 |
| SHA1 | 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884 |
| SHA256 | 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07 |
| SHA512 | 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2929e8d496d95739f207b9f59b13f925 |
| SHA1 | 7c1c574194d9e31ca91e2a21a5c671e5e95c734c |
| SHA256 | 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df |
| SHA512 | ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_cs.dll
| MD5 | 16c84ad1222284f40968a851f541d6bb |
| SHA1 | bc26d50e15ccaed6a5fbe801943117269b3b8e6b |
| SHA256 | e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b |
| SHA512 | d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_el.dll
| MD5 | ac275b6e825c3bd87d96b52eac36c0f6 |
| SHA1 | 29e537d81f5d997285b62cd2efea088c3284d18f |
| SHA256 | 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0 |
| SHA512 | bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_eu.dll
| MD5 | a7e1f4f482522a647311735699bec186 |
| SHA1 | 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd |
| SHA256 | e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4 |
| SHA512 | 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_fi.dll
| MD5 | d45f2d476ed78fa3e30f16e11c1c61ea |
| SHA1 | 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e |
| SHA256 | acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2 |
| SHA512 | 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_fa.dll
| MD5 | cbe3454843ce2f36201460e316af1404 |
| SHA1 | 0883394c28cb60be8276cb690496318fcabea424 |
| SHA256 | c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59 |
| SHA512 | f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_et.dll
| MD5 | b78cba3088ecdc571412955742ea560b |
| SHA1 | bc04cf9014cec5b9f240235b5ff0f29dbdb22926 |
| SHA256 | f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085 |
| SHA512 | 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_es-419.dll
| MD5 | 28fefc59008ef0325682a0611f8dba70 |
| SHA1 | f528803c731c11d8d92c5660cb4125c26bb75265 |
| SHA256 | 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d |
| SHA512 | 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_es.dll
| MD5 | 9db7f66f9dc417ebba021bc45af5d34b |
| SHA1 | 6815318b05019f521d65f6046cf340ad88e40971 |
| SHA256 | e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819 |
| SHA512 | 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_en-GB.dll
| MD5 | d749e093f263244d276b6ffcf4ef4b42 |
| SHA1 | 69f024c769632cdbb019943552bac5281d4cbe05 |
| SHA256 | fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e |
| SHA512 | 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_de.dll
| MD5 | aab01f0d7bdc51b190f27ce58701c1da |
| SHA1 | 1a21aabab0875651efd974100a81cda52c462997 |
| SHA256 | 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c |
| SHA512 | 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_da.dll
| MD5 | d34380d302b16eab40d5b63cfb4ed0fe |
| SHA1 | 1d3047119e353a55dc215666f2b7b69f0ede775b |
| SHA256 | fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f |
| SHA512 | 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538 |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_cy.dll
| MD5 | 34d991980016595b803d212dc356d765 |
| SHA1 | e3a35df6488c3463c2a7adf89029e1dd8308f816 |
| SHA256 | 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e |
| SHA512 | 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed |
C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_bs.dll
| MD5 | e338dccaa43962697db9f67e0265a3fc |
| SHA1 | 4c6c327efc12d21c4299df7b97bf2c45840e0d83 |
| SHA256 | 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04 |
| SHA512 | e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | a1dbc6983b4b94d851acd40a63f4617e |
| SHA1 | 39644ffafc494e07b73ac90ea301910fa9a4550e |
| SHA256 | 3ced021cf20fc93178a2cebdd4c75bb3a0764282dcac4a519ec6921bb3123375 |
| SHA512 | 1990b5584345b369bfd69deba17f5ef3ffe5cd83bc4154e962bae013e516489998d050914a3ea8178d7405f631dadfdcde1b1f8a54ce11c22827ca251fdbb0fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aa7890d74d2ec532cbe8b629734947b4 |
| SHA1 | fdc499e1a1cadb14f4af7bb3c41fb3f42bb548cf |
| SHA256 | 67f8473c1dd64ecdb3688490f300bea54ee320216ce3920c893705428566736f |
| SHA512 | 595b9c207873e639626feb8e5760247defdb074f9da9eeab42bb4d7d6ccbafe6fe3473e4392957fda281107a4754de0d79a13b7c67cc62eb46b8234695c0d7cf |
memory/2644-1368-0x0000000001000000-0x0000000001035000-memory.dmp
memory/2644-1369-0x0000000072F20000-0x0000000073130000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ca49871431d3e30609044243355044e9 |
| SHA1 | b543083ddaccedf5f2db02734cc4c3b573b4b0ae |
| SHA256 | cc335c7693540b4a81f2f87ce9bc1eef130618dd41b2b234cafcffd673b8855c |
| SHA512 | 2bedc32f919241f49fd891b99ddb272ae31a0eeb2380ec94345f5b88d7ee67ae0cb301dc7fb523957de17bacca732a0b23f92f0d09fe6a18f18746e1b5e52903 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9805192b3c5e203f7df2a8652ff72f73 |
| SHA1 | 76a3a938cbe797193260124591405c68d63c12a8 |
| SHA256 | ec40e61490be21743f21417d4e20e3d5ed7830c629145c5bd1dabe355d397248 |
| SHA512 | d2450957ed9b4e8cde580d2056468046c4bf8cf4eae8ee9b2ec982eda28749dfc970cc7b204e057eeb3835325f16bf69590ca5400e816f0ed8dd0b5cbf43fac3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 08ceb3b7e29ed985eacdce3378a80ae1 |
| SHA1 | 661b615dc736ebdca3ff0294b83b6bdaccb149d0 |
| SHA256 | eeee00b350887f5197a58ce237c764fa2cf140f10d90cc23de8cab2689b81b91 |
| SHA512 | b119a15dec9de253f9b446cc5bbee62f5fcda95ce6968f822641e4dfd032312c99b0719595fc63f7828e18d45cc171a42917a066a32550261c93986a5d9c5217 |
C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat
| MD5 | c78e07a1aed280f0ecf3a62b354574c0 |
| SHA1 | 1a2a1a8f7bbae8960db6335421dbf7ca2541cf00 |
| SHA256 | 04a57f13251271cd45e097ec1fc7de93085dbd52f33bc76eac20835d01b4c8ee |
| SHA512 | 5fc0d6f589976fa79a79a4f95834d9c90eebe1d34d94f020d40342bc225e895e6d75163c7015d796ed0bbaaac78d10b4c23b74bd6358306d7f3bc4f2cd44be0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8aba06201ed52f827abddbe4d1980f7a |
| SHA1 | cf122b0bdc6926d14ae2ceb415ab1eb5bf8eeac5 |
| SHA256 | 81bdd067475b43a521a67f64c3d805664432e2d39ec44a1c170fdf284b547f12 |
| SHA512 | 1785f398a33d64cad0270179d8a38983c1572501be830dc3b396625cc0deac1acd5cb0f4dfc76f455247d4993067475786fb8c2c489232586d7af2915f0d8d0e |
C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Installer\setup.exe
| MD5 | b621cf9d3506d2cd18dc516d9570cd9c |
| SHA1 | f90ed12727015e78f07692cbcd9e3c0999a03c3a |
| SHA256 | 64050839b4a6f27d896e1194e902a2f7a3c1cab0ef864b558ab77f1be25145d6 |
| SHA512 | 167c73cf457689f8ba031015c1e411545550f602919c35aff6fd4d602bd591d34e8c12887a946902b798bf4cf98aadfce3c2de810bf16c7c24a216bfd8abec19 |
memory/2644-1580-0x0000000072F20000-0x0000000073130000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4ba4847e452bcea36fdbed22041b826c |
| SHA1 | 05caa60cb27ee6c61f31089aa8df4b933419dfe8 |
| SHA256 | 20377880e2ac3a51346324c7ef3124c2fa4869c404d62dde4b73fc68f85b1c23 |
| SHA512 | 946fe84a34610e1291a41221b11c97bf611be2c038d30886ece47b89342e02c2c0f4b1e136488647a24b646f050d284428dbe9af902110a9e4d4e57ef9fc962f |
C:\Users\Admin\Downloads\Unconfirmed 881681.crdownload
| MD5 | 0c51311b8e9d06dc32930c38c98a7b95 |
| SHA1 | aacbb77423f97d4bc7ec74c75dc6807ed4338623 |
| SHA256 | 26323b34dc2f151859ba9d36615463908478a70915bc7076a1babe52855c22c0 |
| SHA512 | aa3f4baaeab39e29d7b16221871d6a1219310b43d750415dbd7b114c57b1c133bbfc25e213398ace80cf361a4f6389c191cba56713985a5ce238d920610c0801 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 191cf0e9c0768133f87011cae55b65f2 |
| SHA1 | d303f7ffc1e7c5819216cf766c5e9f770c4eaa26 |
| SHA256 | 01d4f999d74c8cbe173fbdfad78bc0b0ee16518b1a41f80c820f575e82144be0 |
| SHA512 | c4fbc33865c038b214d8e7f94261d07039db2dccef6082059ff8cb81252598a315bef5030fc27de61a036dd584e6053ec335929c080aae8dfa96137b8ab63832 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 47072bf02bec38ce22bdd00435d7f882 |
| SHA1 | 54ef4f24f77f67e5c4d52cefc387d8589ee88358 |
| SHA256 | 6657191f63a625a635a3cb8a12041c9f6e4ef6e4a1492bb635f51d554b408934 |
| SHA512 | f9841f779b7decefbacd68bd1e11f10b46d9c98275e8b6056c65bebabf485f45813f56196d70c56a88f6c2bddb1d6a046f83ae9e9551d6bca30880c95abdee59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d4f059eccd2c5ffd00f5b725b14350f4 |
| SHA1 | ad83e6b4eba35126e46f4eecc58b515d85a6ec11 |
| SHA256 | beab59070fb187c0f24b60b4a68dd9bd6d69fb5d9f0e224ee4c432c3c357b19e |
| SHA512 | c3d521d188ce60c17700720f1cc229143e952c56cab2bea436222d7f6e1d608c93ec3896a9403ea3b0f86aa4cded484911d51c11cabf9179b20242926180b835 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 10288817b7acb6c73886b2c3c965c035 |
| SHA1 | 21951db608a957cf4d88f451793a4ec2904bfb8a |
| SHA256 | ed3e72172e357f24aa0f0b7bf148d82d25d57cfcc7884e58177766a7f7714cd9 |
| SHA512 | 7212246c19f854ef842ad937daf3fe9be0ea27d3e0a3fad9119f279d22d1eabf2074fb9a5175c44cd7f90608544ed55263f327192413d1aae87e92a2a898701a |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JJSploit\JJSploit.lnk~RFe5a7408.TMP
| MD5 | c6d212b85f29089f07c221be55907de9 |
| SHA1 | a3fafeb1d94f88b379b61ad3e38d20d5b10801c4 |
| SHA256 | 5086cf97fd1759c0c4ab20f6b8ea376a55d58471a2ae3815b526f681bfc4e024 |
| SHA512 | b4bdf26861cf59b4ed97e0147d9497e6b6b0482c630d31f1a1060720e034c32145c45c941f661a3b4e07a2dc69eb73d201afb4ec403e1d5e16f74e39ecbcf5ef |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JJSploit\~JSploit.tmp
| MD5 | b91ee3fd1e0ead12b2a86db204cfe76f |
| SHA1 | 869836dd5ad66725073504a7a91357f7f6681ad9 |
| SHA256 | 639b1cc25fb0fbfaaf9d488e3c1e93baa393d088b9d13b7b1af6d3d4a0c79f62 |
| SHA512 | 8b450634f9db83a9b1e87b56934cc32da562760c888eb412a6f1401e0dfbfa407b1fb48c64051855a2912b4f11ccf78c2f7158e579dcf6cc97a7f3e08e85af50 |
C:\Program Files\JJSploit\JJSploit.exe
| MD5 | 8c80175a590266d599fb77ccc1fa8f85 |
| SHA1 | b46cfda374e01776361c9b1dc6b46f5d7275105b |
| SHA256 | 94f52e11c81f7700834281cb179089e470528cf2f3701d5428195a06fe7a7269 |
| SHA512 | 0d6f1bf2d0e2cdc151a2af3e814c2f724e26f37fd4e4a36fefd2e30b5249b4745b0548ee320e8faedc1002980c1554007b4b3b5ba837e30c759122a6ce0b7f95 |
C:\Config.Msi\e5a7254.rbs
| MD5 | 587d09761f540a414e2441cbf9150016 |
| SHA1 | 6e0ad3a962c56d350c20f39c19b10fde5f69b014 |
| SHA256 | d7e54d99ac10952dbe1e299570b25ab8044c91bcc5975e98cda17ea7a194731e |
| SHA512 | d4bd3ff36f5abd81b1637bed49a4a7712233727be71e974cee17edd28992f378aeaa622053e29d042084681271b01687b5b2c561562a18002749218f5cea2008 |
memory/5684-1779-0x00007FF85F450000-0x00007FF85F451000-memory.dmp
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\settings.dat
| MD5 | 31a6a6c5deee1f03f4aa996413260f8d |
| SHA1 | 378b0c7752168b63d92acdd2d5852b9ea7bd330c |
| SHA256 | 1cdf42e102fe66aa399f15c85d92fc9429ca1dcf6b72794993580e7531c25aad |
| SHA512 | 8c8b84b6d3416a9161a4d4bea601d2273f9d613b04589e556d3c3c2a941929ca5298e38c3b80dd151e14685fd3e1688bf2e9346ecaf333c527de05a2c46cfffe |
memory/1684-1796-0x00007FF85F450000-0x00007FF85F451000-memory.dmp
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
| MD5 | 64bc3b2ccafd0d2dcf422844d3079c20 |
| SHA1 | 889b588505d1aa5b7f1f1f3af20c49eaada90c36 |
| SHA256 | c51c9e4278c8870414b359f6366f954b140594ca7c80d57ecc09c372b5364649 |
| SHA512 | 0234c1b535817b0bacb8f54e4c4850fbc141df60eddb6488499edda236556c38fcf422205a07a2fea1dc9eed828eaa5884cc4afa8b6687f4a62228ddeac2d2b6 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State~RFe5a84f0.TMP
| MD5 | 6a7dceba280100b78b57eb5461d7a7bd |
| SHA1 | 8c429df03301627004a028a6a550df10a66fb8e7 |
| SHA256 | e14d8e05d11c45747533b8316e6fd6e179a020a85376aac6a532158f15eceb0c |
| SHA512 | 7f99027fd2d2c6f9b4ad62729ec534d5c3a0b617322fc9412d15f99ffc17ca59f7e72dc72098d982cf470b2a864ed11a9ebe8fb45f88c7efcc8f58794333734a |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
| MD5 | 718bb80c5c2b066e84aab716d1b5e738 |
| SHA1 | 4e189e1a6c72f2528d59b3e5c5946bd6d1e645e5 |
| SHA256 | b11102ad01a7bdba09c36ce1ccdbbf6e4297e48c7e6df01a1504371fe0a506e3 |
| SHA512 | bc20663706ef1c06798f09249556f0effac57caa38b5cf7b4f85d86b643dbbf667d62f0fb88d827995829dd0be7109b83ce49b445dcc1f998c9b43337498b219 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
| MD5 | 60232eabb515a64cd080d58dd33e72e1 |
| SHA1 | 419d216752288611ccb760b46b91fd4f0bc551f7 |
| SHA256 | fedf1fdf051d4580d06c371d19cc04bada21392987d0f25ab15f8e15015202af |
| SHA512 | 578ef1d3fe45b71d3e90a1706c54c143ce76c24d6ab23eef1c3759f3579df0f7f6eeb0b6d9550cf9ffae8d4b1494ce4ef2c438cc0ab36becd35a0cf33f43735f |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\GrShaderCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\GrShaderCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\GrShaderCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 462d08256ca3ced82fedd79d9ac3d9ee |
| SHA1 | 8e4c6aef3b39afc1a8525e6addb0b6df047ac7da |
| SHA256 | 0cf6d9b8f33578a8d4408cc3c462b1c7c4ebc904a4bb20c4df4c3ed0ad019ba4 |
| SHA512 | ce578b2562f94abb3eb5b64896df4cb8ff947e2086b3220c55d027b46789cd8575bd95bc88552d13db3083334a1b0d3e9095ec5eb5b756671d4131942c78456f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f3
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
| MD5 | 5a03905ea2aa61a2395bc58945486a39 |
| SHA1 | af27fa43486f95740baab06b9713e7910a3625af |
| SHA256 | 141d9da234fefcb2b3ca44e074796caff28aa4345063f628c9e5ee1d7d7bfb40 |
| SHA512 | 77fd357bef299ecb1b06c6bfcdcfceae471f54a1c522673bae0eafb291488b1fa363efb12e7a131a663aa1ec3ae0264b299b2a88e239ee29ffdda1f75e296de0 |
memory/2644-2032-0x0000000001000000-0x0000000001035000-memory.dmp
memory/3188-2037-0x00007FF85FE80000-0x00007FF85FE90000-memory.dmp
memory/3188-2042-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp
memory/3188-2046-0x00007FF860080000-0x00007FF860089000-memory.dmp
memory/3188-2045-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp
memory/3188-2044-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp
memory/3188-2041-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp
memory/3188-2040-0x00007FF85FFA0000-0x00007FF85FFB0000-memory.dmp
memory/3188-2056-0x00007FF85F380000-0x00007FF85F38C000-memory.dmp
memory/3188-2055-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp
memory/3188-2054-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp
memory/3188-2053-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp
memory/3188-2052-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp
memory/3188-2051-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp
memory/3188-2050-0x00007FF85F270000-0x00007FF85F280000-memory.dmp
memory/3188-2049-0x00007FF85F270000-0x00007FF85F280000-memory.dmp
memory/3188-2048-0x00007FF85F1E0000-0x00007FF85F1F0000-memory.dmp
memory/3188-2047-0x00007FF85F1E0000-0x00007FF85F1F0000-memory.dmp
memory/3188-2039-0x00007FF85FFA0000-0x00007FF85FFB0000-memory.dmp
memory/3188-2038-0x00007FF85FE80000-0x00007FF85FE90000-memory.dmp
memory/3188-2043-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp
memory/3188-2057-0x00007FF85D880000-0x00007FF85D890000-memory.dmp
memory/3188-2062-0x00007FF85DBA0000-0x00007FF85DBB0000-memory.dmp
memory/3188-2065-0x00007FF85DBC0000-0x00007FF85DBD0000-memory.dmp
memory/3188-2064-0x00007FF85DBC0000-0x00007FF85DBD0000-memory.dmp
memory/3188-2063-0x00007FF85DBA0000-0x00007FF85DBB0000-memory.dmp
memory/3188-2075-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp
memory/3188-2080-0x00007FF85E940000-0x00007FF85E949000-memory.dmp
memory/3188-2079-0x00007FF85E940000-0x00007FF85E949000-memory.dmp
memory/3188-2078-0x00007FF85E920000-0x00007FF85E930000-memory.dmp
memory/3188-2077-0x00007FF85E920000-0x00007FF85E930000-memory.dmp
memory/3188-2076-0x00007FF85E920000-0x00007FF85E930000-memory.dmp
memory/3188-2074-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp
memory/3188-2073-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp
memory/3188-2072-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp
memory/3188-2071-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp
memory/3188-2070-0x00007FF85F400000-0x00007FF85F410000-memory.dmp
memory/3188-2069-0x00007FF85F400000-0x00007FF85F410000-memory.dmp
memory/3188-2068-0x00007FF85F390000-0x00007FF85F3A0000-memory.dmp
memory/3188-2067-0x00007FF85F390000-0x00007FF85F3A0000-memory.dmp
memory/3188-2061-0x00007FF85DBA0000-0x00007FF85DBB0000-memory.dmp
memory/3188-2060-0x00007FF85D9F0000-0x00007FF85DA00000-memory.dmp
memory/3188-2059-0x00007FF85D9F0000-0x00007FF85DA00000-memory.dmp
memory/3188-2058-0x00007FF85D880000-0x00007FF85D890000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b8f83d5903e7e784a6836d9e12aff001 |
| SHA1 | 41343e4172f83046d949f03272f51f08d1bb3184 |
| SHA256 | a46286c6773efcecc8d26b1e780dc818bb34d1c14f629c7015aa1558e2d9febd |
| SHA512 | 6ed03d38371d6ef5e06c4ed60a7699264b36b3a1fa871150c0717bf1993dbfaf1dace9b4f03a4e3c6f4761a2a42c820bbe0e9608efc303d246b2ac0bcb867689 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 34d740ab40630985a57a99bc52fd0c1d |
| SHA1 | d9b8c5693dc0b1c0a50b0299ec28864d394eec44 |
| SHA256 | d0923a86d22bdf81ddbcb1378bee342d23139fd2149cbf2afa20c8c9d8701ac7 |
| SHA512 | 0d618b936ce97e2f701675a3b44e17a641e3587ea6a8d4caaf8ce23df1bd27287d51f2c061da2c534f14b5955e1d3d6b81f8e214a7eeb71ca996e11eca5a8c60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5c8f4d6847ce8a16dae55d60bb1e18da |
| SHA1 | e959e3d71e22b37c3ecc347a40b9a2e66ede2791 |
| SHA256 | 45b65d35707dc1a2d2362a58d6250b344ac8ad340d63078a6d470090611ae8f7 |
| SHA512 | b2d7a7d381b4c628bd1174ef25fa93c78e6816167e6088a5e3b23f145fae6cbe777ae56ae8ec51795913626bf228f4db79733c986f003d01da90dc10041dfd7e |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | c78d9733c11393a422f79243519fb756 |
| SHA1 | f5324a8982d4d563c4e2cf3817deb58c88e99caa |
| SHA256 | 75217cbfcbd8ff6707b06be76b57664b3f43a8d6d952e80c93afa37d6357341f |
| SHA512 | 05963952c680de62e78157c86a81aba680cd69eaf4538b8fafaeca07f4b4c9e63818414b9471fa8269c5eb7534e186120a32f9c324ea1721b4e7c7bdb602820f |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity~RFe5ad5a1.TMP
| MD5 | eb3d956f26a3f8eb1c77b84efa1bd45a |
| SHA1 | 6954875258503ea53a7fe3a8c5722522ec178eda |
| SHA256 | 11571848d78db37d86b0623248b200473880229a6cc744617c055881b0119e79 |
| SHA512 | 3925595165ff0dc3d28cd52af7cef83ae5536b9f7e41721db775fe1dce048c3e6e41434bf694729996fb5731f7c050f627f53b0d506008588fd42e075c4d47d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | da633133ae204b2e66a0d2e214787311 |
| SHA1 | 804be86f5b36cb377752c6242d818d6ac4bb03c1 |
| SHA256 | 8ac7a947db84fd862094c709984aa4fa4b70874ab3eba41952f3d9e959d42f57 |
| SHA512 | a602c67442ce58e35b27ac38bda0247ed4b0cfc799bf88548b19ca4b554f2016d5e5252ad49a1c9b90c09778bef2f8b994c831cb047b8690bda46b17f081a69b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ca9569b6a67b31dddbc8c1f8d370d8c7 |
| SHA1 | c735ff6aca07b206a3681151ad19cde314fc5e6e |
| SHA256 | ebfe0d8d5614201a873f91f066b096d0cc79034660aa4c862b0b6c7e93aa1a91 |
| SHA512 | a315468884d54c68c47f3d4f6f6a26044f3b63567d02b872e08469cb080be0902e923ce6d167fc3e5a5710205634e461d8199a10757168a25862aff7562ffd4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b06859e3-ef4e-4e1c-8244-be107880d034\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3b3668be35c625fec3694e23e5ad7c59 |
| SHA1 | 4c07e99aae8cd8a8a76ffbf685c34043e5a57018 |
| SHA256 | 135b20562c765e9b50f7eac7281bbce65571ef88455a34e41a5692b15fdcd53e |
| SHA512 | 24e37f9cda5c12f7899156b92e46809569856e82c288b7d940711a7b7f8eed20ba72e946718721c01adad4ea283aebcde7191df1f6d4fafcdd6c1828a8ca3e00 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7d9467f6df11634b24bae23aade9941b |
| SHA1 | 85b7959cad8ecf165557c9f99b46d398c92e35dd |
| SHA256 | b1325863708ac18f22a1889644583ffc23d1323201263f15789d2e5081c693a6 |
| SHA512 | 9320a0d1cb1b3aca9fdaec8e91f40772bf3a083ef99bef39b478ea90781c3b59dbac23eda95d66357cb82c5cb2887e60f53167e0cf036692c7bdaafe76677f9d |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5ad86f.TMP
| MD5 | 91d7d4c183a3b38f45df9ea785ae58f7 |
| SHA1 | 15abf257772594ae773cbef0e41e2b08a9bf05b1 |
| SHA256 | cad4b39f4e7d763052f3240ca7ab9ae2d5d7132a212b40864d83ed3ac74dcbae |
| SHA512 | 6fd7be3a206e1ba3c99e2cdf736938867b0772454d6365e49bd2c1a71d3393c736c64fc3b59b8577b6225035a9923e6080f63aefb4d2e1e29b8455c7ac15fd95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 10098433af13e51ccfeaee16682db21c |
| SHA1 | f6d285ed13066ac80350c9af0299e53776203176 |
| SHA256 | 8949d0e6bffc6958e71ba1af0b657656bbbdf206b643f2b573e483a38e82bd9e |
| SHA512 | 520f06ada0732accd73b10e1999685e96fb5ebfdc027839cbf17ee6a71a353f6c59b03d789f83a9f08fe5fca9b3ec69a5991ead45ff96bd46943bea0da6c862a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4972751ca098705cf15f63143a214430 |
| SHA1 | d8fbb113141300df1546c40d5d18801b4f36d004 |
| SHA256 | a01a5a9c9502019404c6789d670617a0350d3018456ae0f28ac5d4530319f952 |
| SHA512 | 7063359d174dcbaf0e304f655db7865bfc5ccc3f65a6303e027c4a9602f4476fc0bd7af7ab76ebe48d815b4cb3753116db8daf14d59ac69601a4b1c788a74752 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3bd4d389ca63ecde95ec5b99724c82a7 |
| SHA1 | e81fe5b15f060e8e8e6c4bd917a32f0a12ccda9d |
| SHA256 | f272822d65804d65b6425ad86063f57d31c5f9c2c617a12b0088a70c50f2f6f8 |
| SHA512 | fe31893c265f00e21df2e59eac341792340e9e0ee98dbf59fae3be923536a4dfc923697d2cdb5b4642fd7650e300359d26ad3e25fa6fae455fc4e74af4702f30 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | e9d98340394f653a77e441e13413c781 |
| SHA1 | 03562b483566adc88315ae55025f128ae7e05860 |
| SHA256 | c343f819cfec60870a1634d95fb3ad27337723cb336271937d70dc7dc8c06d4f |
| SHA512 | 4e172532dad7c12055425243938605b8521520a62f5a2e8ae0e9e3327864cecfcae6ee3e3e6e4b5e4fe772cd0e3c4ae3d475beca62a0060a2e8e87f50eb4581f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc960c27aeab90a02f7057adc41dd74a |
| SHA1 | 67b16e41d856cf771c98f380aad2d8dfc0511f36 |
| SHA256 | 77b33f5075b283b69ea63229acea2241d3e8c4422d5b004c191486e3288808b3 |
| SHA512 | 475e72cca379cf4db2e22be2e1a19bf0729ab954acae36a1a9c9b758869f1039a65983bbaa39b845f43afca1570357594e07433911c8119c14e9a6d4c521bb71 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\cf8859c7-a241-4794-8262-a5ffa89e5778.tmp
| MD5 | 6f7ed0ed672dbc7add2358cbc7ed81ac |
| SHA1 | bf7e7824a5c867fe9a2270d9a825e3e6964ba58e |
| SHA256 | 1d5178408fccc01ec57ea4510a1aa0b3e4c63e891a2c2cd133fc8662a2d0f7b7 |
| SHA512 | 83b996740170b5d8f12f902f67502d7e0de5cdb8a409f5d5ab8b52fd2959740acf2b7143794e1cd2bf7dd6eb7149c38e3f1cc4446757ad1167601ce4bdae8df9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | d94949ca83249f4dfaace2d1d1a255eb |
| SHA1 | d576ec8c12363cd0b1b8e1f6fbcdf4a56e96ac0f |
| SHA256 | 8c13872777302e9717a89904055b4effc980f8882bc02facce06d000c5fdaf07 |
| SHA512 | 1845b2e62b5393e071458d1e90522c45f5926895006d96be230ecb7c71c058f1d1da063c1284af37c84ae81882c52601fe3778b092fe935662e35b6b1e1b4437 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b277a.TMP
| MD5 | 7e50a955184f6037b81b5886ddffefbb |
| SHA1 | 8e7b64b882b0d119b4529f7d47d777e0b1bcbdd1 |
| SHA256 | be384aa3796487898e9050ebf5bc414b2da626b2ea0081882c353a8f3944b144 |
| SHA512 | 61754687b52649823e2f4976f7fea02fc6dc0df2458d7b5ec7cc9cf0ed0733a79aae61fc5209b00becb6ceca50d348e034d6c76164b2a4981b4c03c074da2d26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4c1503dd-8903-4908-8f80-7eef5105de85\index-dir\the-real-index~RFe5b2da4.TMP
| MD5 | 389bfbec44586bbf1400d28250760635 |
| SHA1 | 564a8aa99a163ea9adc265b47aacaf16084a1686 |
| SHA256 | cc9109199c391fd021273b6a10c51113c143f1f81d04be36a5cef8a27e53646a |
| SHA512 | ad9e94596c10b7d097044749daea9cf7eb990c9a0dac8766d82665d40475e1a457b2f2f587db11e487f82b8cc30ee167a0017713e9411302618808f4fb2d058e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4c1503dd-8903-4908-8f80-7eef5105de85\index-dir\the-real-index
| MD5 | 76db850b711e030f1b2274a1a4c11ad4 |
| SHA1 | 08fb33a0d9b1cb513c216a6964a17d97ef83dbd5 |
| SHA256 | 338e0b1eaf66010d60be7abf427208aee7ba47fe4e78364fe59e2683acbe8333 |
| SHA512 | b3e6170c25bbae22e61f76b82b4bbb1dd834200aacf79e9eb4a28152dc88def9c7de53262e94afa798d7a2eff13c1f40a06f9dd4e3f51d8330a63b639962bf77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\99becebb-3766-4557-a55b-a5033431c756\index-dir\the-real-index~RFe5b2fb7.TMP
| MD5 | 93ee218ad112f6e58dd7293064448da9 |
| SHA1 | 3911ea082287ff2acc232c4b6da3f1cb35bae0e4 |
| SHA256 | f12b80d2871887babfcea84a29ff8164f7555e4ba95ffaf2eb42ab8ca7625a37 |
| SHA512 | ec73d82942dceedae084a64cbf1787c7923f4a7ac310505bf09c7882f4c610d8972f7c3d3804b37bb065cb17fec52a2b1735ef8eb018251b917d0571b7b5ecb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\99becebb-3766-4557-a55b-a5033431c756\index-dir\the-real-index
| MD5 | 4f5b96e7415351102955f9980013101a |
| SHA1 | 8c47c1e5d28c64bbadd20938816b501573c42c15 |
| SHA256 | 8d1d50f1ed922d16e434a99209a05267b1e4c6a430013be6ad1680a0257cf01f |
| SHA512 | 511201f12d3424cb9dc7d80997c54fb4827898e570e1223e6039894ffb4d206996914cac2834a79c4589adb857266ec9c97a65df274423c811d079ec64416482 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | e3b9bd1fd769ea4815ecbccae217607b |
| SHA1 | c72ea15fa916b23718cc260e795df16dce5ebca5 |
| SHA256 | d4fa99a5e541233e3a572e96b347e692c2adedaa395512ac086ddf0c69aa173e |
| SHA512 | 60f671661045b2fd2aa117dc331818a0df5352574e1cb409ad39c8e27bd54c178ee52e812f3d50410c6ec3abf3872cc3bb54661f881ae06aa8a33ba87751148b |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | c5c136c1c6ab1a797f86d7553d032719 |
| SHA1 | e89836cb08822c18f2d687b0cfbd11fe3e321998 |
| SHA256 | 6991448cee8ee7f8c2b506115bb8ba8b1c6be1ddeb9433439fe3dd9fa284d810 |
| SHA512 | 73387ec7cea8f80a883d6933ddf64fa4127cb69e0ddc7fba2eb015d03efa8082dfb8e022b882f247277d71694c2f7606a604f310b8ee4312da7f5ff17dc56a68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 820239be139922a1feb5b355ee6805a6 |
| SHA1 | 0b42dfb9173700dcd6631278426f6f5114c67e17 |
| SHA256 | fd577b2b37b799058e94730f1dea55d91d69909baee5e1300a4a73f626fbb02a |
| SHA512 | ea42e8508329e7bf15a47d19ef4766446937c3fbb8092f12561119287211df9757cfdf201499f904d2ff907c0eaeb1e73a306ad1a634cd1af2ba42798cffdaa9 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | ef80a2b15d695bd7d26849bae59c71b5 |
| SHA1 | 2b77c752e34a1b13fdaa63be5af613e74944a5d6 |
| SHA256 | 73da1acf96a1122c578ac13ff89ad2f05776cc61658a9c92bd850a674fbcabc6 |
| SHA512 | 46bcd2819f7fd485db4b0b3eb78abd263825c0f4ca698b65c8079c5aa6264d64de92e85f9f1d7560f15ba86d0d4bb5f2848727b17f47af9d5954611f44cef58e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 344e91c3b5f8448b51059685dd56f40d |
| SHA1 | a0e6e1b3c6389830f370ab7c88567b41e486fc87 |
| SHA256 | e1cb7f9c22d18e854ea9e3038185ae808be1230752eb1f2e87765c8837aab164 |
| SHA512 | 5fdb00ea13b94e7c1919dd5736a35c9bd5ceb15f5b61b842be5325db328da647f020862179ac021f891e942dba9290da55cb4c374a7a3ac7c384723d78b24319 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\Network Persistent State
| MD5 | 80687113b93a6682eb5f180b244d0acd |
| SHA1 | 16c54f3d24842800644b010df5ce03f77bba53cc |
| SHA256 | 2c630c612f3ab353e01da882050da0249a656ddc3ba02e9502708d94ebd3b833 |
| SHA512 | b384bee9215915cdf4baff9dbd78b7ab91d4cacdd43d96116f0a5ea94500d9ac55bb775fcc80ba1ae4d208265fd4b45c6909f1fb85ee021cd46cf762b4b065a5 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\Network Persistent State~RFe5b97f7.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cdba572ffd69db60323ba18e4ec31769 |
| SHA1 | 97394712d2ac82b083521429195ab4964f02d241 |
| SHA256 | 08791a2aafbcdaf9aa3337ede6f6d35d8c6224c6938113cbbfd0aa4ae5b3ab72 |
| SHA512 | ba6ee20c2de1fa2473f3fe733615970fc2c3657aea848215168b8a9a8121ca758359a8d6a198e554b1ba3d55439b341af31dc274228636e0c048b594a60ea8f8 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 71a554e9bff4a3432012676230f1d40d |
| SHA1 | 2dcfdde34dd1cc244f8c47f6518e16563b69cca4 |
| SHA256 | 9b9982f7ed9b19ce63a1972d4b5b27ff7ef09ea75478dd7a402195daab7cf7fb |
| SHA512 | 580abc45426bf6828cefdf667e64c280082c2ae14f9c86a05726826b94bfdca50db345dab1502290a5e08c5fce6ebcc3572190b4f166c8ab505d66ac17dd8819 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a1d427714444abf250ec219c6383742b |
| SHA1 | 6eb658b712b87ab1ebe2b9f89b7954f690d9d64f |
| SHA256 | da5d75a607fe76f0e88929faa4c93c9df31cdb0b5d0e481f48ce5311bcc29aed |
| SHA512 | 26df3552ceb17f0a3a24a6ecd062e0b89b8f4adad0a601db2efc1d61d7c72bd907d872dd27ad7818ab6bdad7ff110ef699ed7cfabcad5d99866341dcc32ab9e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bf
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c0
| MD5 | fb2f02c107cee2b4f2286d528d23b94e |
| SHA1 | d76d6b684b7cfbe340e61734a7c197cc672b1af3 |
| SHA256 | 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a |
| SHA512 | be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c1
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c2
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 99b054de7e97227135dd8c97dd58bd49 |
| SHA1 | 7d711d99d1b84fb003c41a64029b788ebd819539 |
| SHA256 | 9cc052ba05851da13a58483750e1bb273e872e8562218c91154fe11235a45606 |
| SHA512 | ceab23e49ea6ae5205813bb1bd445da724b26e3e0bab12387e2cb6a068591af9abafae9f584a798d25e7b68f8ae8d68b299be0b4a2f214f98c885db78ae2795f |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | a9d2f69b7e136c60a3ee585508a6b8e3 |
| SHA1 | 2dce5969b1822038814172b845c78edef80bf160 |
| SHA256 | f0d22c8916dbd6f46719772b48f8bd02fa7dbd22977d47210c1662caf0196a7d |
| SHA512 | 7bd9ce8e49d94ca8388b25ee704220a4f53209c0bc2205f6ef480a3da2ff67a9cf4dcb07b7f8ed71d94b2f36eb6654a5cf84c1ac4108cfdbb6578f26c1b9c3db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_quackr.io_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9ea8063019ee88d37605e56162f2e673 |
| SHA1 | 9a6892aa106563b597edd60681baeba2fd6393f5 |
| SHA256 | 70c1f403e3783e748aafcacbbe967ac4621ab05dce1837b2ec0974a0b2cc4ee7 |
| SHA512 | ccc30cf83ccb789ffdb67b1853fee7de9d86b1fb3b26bcb9ec958bffa4402598595a26eed133fc9a5841da5fd79dff8dec599d87fd51a8552385a0953d451454 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 196291dbcdb5169d69ee3063ac2514a7 |
| SHA1 | 99208f523cb7ac2119c3d0362da4b1d3dc4541de |
| SHA256 | 4d4748e18b927390d6de9366726a8488cd8ca7c6d9d410fe223f0fa7a5abdcb5 |
| SHA512 | 9e69dc76e2f146af2e934b3a6b7d99c42f53fec31d8e617f36df5a57f1b13db34659439ed34f0cd8115deb5d9132719238dd5a7667f8c80559bf3c808dee763e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 0b601339c96c1b3707014bba142006ef |
| SHA1 | 71de012580d31c0eb4d58b8d1f00da27381a6c1f |
| SHA256 | e1b12d1c8e86776a8d255da470ea971a31a2ce57ba429a536375a25899e5dce6 |
| SHA512 | d1fb220acae9cb088366190e2243f9549af1c30e93f5c7ee28ea5fa3ba2f61d0614b0fb3277fb3013051619a0f4fa833a1597e67982bd7b5ebab56218065115e |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_695356870\manifest.fingerprint
| MD5 | 5bbd09242392aacbb5fac763f9e3bd4e |
| SHA1 | 14bb7b23b459ce30193742ed1901a17b4dcf9645 |
| SHA256 | 22b55f5d9b1bafb80e00c1304cf5e0d6057a304a2e8757b4f021b416f4397297 |
| SHA512 | 541e4c7998e91a5113f627c2c44e32b54878fe225b3b9476572f025f51f2b4ec4a44b102498adcc22b8fe388970645bacfafb6e7fc8a216df4d7bbfc8b0ff670 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_695356870\manifest.json
| MD5 | ba25fcf816a017558d3434583e9746b8 |
| SHA1 | be05c87f7adf6b21273a4e94b3592618b6a4a624 |
| SHA256 | 0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11 |
| SHA512 | 3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1766db07a323a93b4bfc7b9b8f6abb5c |
| SHA1 | feb5342369853612f8d37d0ab5cf21ada92c18b6 |
| SHA256 | 309884cd5d8e7703e35601f2b9f03a65426767ba2f5abcd656ba3419b8e868a2 |
| SHA512 | f53e93b1e49e0a52588641ece42176b1e87f6ba1bc996a53c6ee482443d1a2dea201583ab5a7bb648b50c043b74b171ad6720e7d55bb2349b0b48da379b1e892 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | fdcd8fe32da9620aa6ae406dfbabfdba |
| SHA1 | c4bedd6b06dcc0b8948bf04651f5eca1faaf42c0 |
| SHA256 | 4a9c1459c3854e2daa13bd4e8c64e80c2be9a108063388dfdb002c7ad13e5f13 |
| SHA512 | d1ff15aff0ac1b695391cbd1a1f2798297e9048b16a9e60f28284cf5e732933bbe56a2fc671127cf6b84322858c40ebdb602eb9f9e5cc538b9de4ec5be1bdc33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | f2c4b3ee619e852842d9a95272031548 |
| SHA1 | 0231b240ac7af807daff6719856d98d0e1230f81 |
| SHA256 | 8d2161f3e4266b1fa06fa2b89fd66cb43650d211c7bd619b1a309ecc88dd25cf |
| SHA512 | bb99ab331dac92321f416886b09f93997aa2249c5ce4d360f82349956895044222438aca4a67f892f8ac469c7f4bd647e6c5b9588ad1e2b7671a7bc27c0cfd5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b0b5ff557adfa1431149a8982ff7ff34 |
| SHA1 | 595aafe9c89efeada5cdbc6503122837f7a9710e |
| SHA256 | 7e7f5d8f9dfff8b5a8ccb8e7d56bd0f089e60fbcd184700aa6b8cd6b4bc832ec |
| SHA512 | 147ec952401e1d3bb40f380d72fdd8265064d470e4f7a68f383c52f5a2a87b4d964e8ba5188c2a9da3ff1fb8beb7024e4610cc29f5177161e5de714ae45c04ae |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 7f66d92873d87b00aaf433173dae7084 |
| SHA1 | fddd900922d68ceafee3464ada87db74ccae5ac9 |
| SHA256 | 9778495ad6f4168e08dab854a20259f87b80d15eba1b42e936fa585fb791427e |
| SHA512 | 5d4993b3c36c16a48a2181952c21caa05eba9bee856c9a69770e8cc68d693ea00e4ab3d5ce5d31350adb523de22337e7b2d0ddaf055df44dba65eba6267fb362 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 2c030142b0ced401c910c272a8d28bb8 |
| SHA1 | b649586501a8c5985b5b10338237490d229c6b6b |
| SHA256 | e99654836daf3457c2f0bc94088b5e796f90d0415d7c6e877b347c54c142c232 |
| SHA512 | ad2c7342c8e64b036137522567b8b116e34373f7c37ccd07a77624d806bf15c5a4cfbe2f5d91ce2b2e7139e717337f5bf10cf78f126859d6004ed79c2e5ebf47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bd
| MD5 | 2227a244ca78dc817e80e78e42e231d7 |
| SHA1 | 56caeba318e983c74838795fb3c4d9ac0fb4b336 |
| SHA256 | e9d7b93bae57eebd7019ac0f5f82bac734b7ac3534d1fa9bdba6b1fc2f093a24 |
| SHA512 | 624cc23d4a18185ae96941cf8a35d342e048476b0384f0595ec1f273e19163ca49b17b14760628eb9da9a5f5519d4671544669fb08985c4945faf663faf92e12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000be
| MD5 | 55a93dd8c17e1019c87980a74c65cb1b |
| SHA1 | 4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d |
| SHA256 | 4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009 |
| SHA512 | f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c3
| MD5 | 0226f8de1e27a4ea1675c906aa32e72e |
| SHA1 | 6be3cda5fb935d130908ab0ba80bb926f38c75e7 |
| SHA256 | fc1a6e9a3ea7894abb8c67345924fe74bae481b0e351ce3eedd0cdbd0d9d8459 |
| SHA512 | 5a9f280e79ff805409d50c4de5f03fb827d72d692ba6e3250943af55c43beb58af65598d5e5c7d2fb583ff0e1fa5795103559bfd7aad284fe12060626d7b72c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bb287a040278c5a8d03b119769b1f7ef |
| SHA1 | 5bb7a431269c578b68f61324d82feb7230ba1e71 |
| SHA256 | 7eec8071f2d44514961f5e084722d3c9eaecd861f3cbc185fe5b27657a517195 |
| SHA512 | b40808ea007bac68233a67e87da36e3ef77f4ebf54f68d3b9546a8d7a3900abecc608c79faea3aa702564b2fa326c65710546732ab094bd5b6fb542898a7af17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 914d22a063a1b4bbcb8ca310744d587e |
| SHA1 | 587ac602578b06110587f9d8d9456c8753bc41df |
| SHA256 | acf6ddd179e8afe9b19ca91d67b32ab52b44f74d9f6e037123e7e43b61536101 |
| SHA512 | db6bcd2dc9ef87f2ebf0731b2bc3b2ffd9cdb08658df8f1426d27bed794f1b9012139edc0a5a90e7661967e0343fe54cbd29c81311dbe4b7df9cc90403cf1bd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012d
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 92379a815156811e7fb7a6da40ffa9d6 |
| SHA1 | 9ee1410f0e8d0b84fbff6e2d1431c4ec7071be10 |
| SHA256 | ac5d8006c181ce415254ab46410b04633116841f55401173bd98604e1f00354f |
| SHA512 | 9d7c7ff21057c1b6611315c54190672dbc8b1e1d55bf01603f019af83b03e2b8502c99d2fdbc2b6ef3b54c33725dc4a880124aadf6074d265c3ef0ed172a8a06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000132
| MD5 | bbc50fd81daa634956356ebe01811131 |
| SHA1 | 4430a7accdfcd1b3c9c9859e66c4215512083b5d |
| SHA256 | 49bdd4c96a6000996d9104a17eafd5a15443e9bd17d807df424bcbc4a9440c0e |
| SHA512 | 9d21a0ca98d07ee339631f494e423830c2da5de55f69bb5fc70f54627d3e4311c234dfc03ca77ad28fb64ce2fb28972e6422dd7b3cd76200402c25df67041793 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000134
| MD5 | 2abd079be1223e68fdd6f520afe8fab7 |
| SHA1 | 0f52ef825e632aa99b80724e2fc419fe1413ff39 |
| SHA256 | fc998bd9e644618ab3ece7ba644b58e43e6503e49b8ea2d19c6ee725c4676c75 |
| SHA512 | 41d1bcc91961d70146f3434857c2265d2c1ec8cb81d388ddd187de5096e580bda69da20cf4ed56d72aac3d4e731f177b99daeec128e0ecd68dd37beedf4b3f70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000139
| MD5 | 115c2d84727b41da5e9b4394887a8c40 |
| SHA1 | 44f495a7f32620e51acca2e78f7e0615cb305781 |
| SHA256 | ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 |
| SHA512 | 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013a
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013b
| MD5 | c83e4437a53d7f849f9d32df3d6b68f3 |
| SHA1 | fabea5ad92ed3e2431659b02e7624df30d0c6bbc |
| SHA256 | d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb |
| SHA512 | c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_451859795\manifest.json
| MD5 | af3a9104ca46f35bb5f6123d89c25966 |
| SHA1 | 1ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8 |
| SHA256 | 81bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea |
| SHA512 | 6a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000135
| MD5 | 1dc06492f582bfc9afc32518c5b669a8 |
| SHA1 | 3ceb77de90dfc8ad8a38e8df30f44ccafc5a074b |
| SHA256 | 4cca2caca18dd3689fce9fdb2b27bd6bf9e779967f12ae9c8c0d4666c1e4c2a1 |
| SHA512 | 80114c72ce7ac3493602db99d3b042c928dafbe7fe2d43e8f5e9d273cec0289c6c4742b9cf55a38df4a0bb9376c68ac9fb0ab3e8a6de292bf62dfb6a0c4f9e78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000144
| MD5 | ef8b09f2df1c04901dfd8f5e5f326633 |
| SHA1 | 57c877f6c01f8f41aafd8a0e4b5a7444e3890d02 |
| SHA256 | f3e517f718fdbfc155538067dd9550d19f9ca91fea4ae69330a5f2c638964bcf |
| SHA512 | c0334d4906be1620c68f9b6e74d5235d4bfec252582b6f00430ef5b8e484867848c7ccaad269d2e14adc35d603d3b6d028ddb6c2a2b98b2032c937b7d67dde6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000137
| MD5 | 8083ce83edae35e3337f7f26b52c08dc |
| SHA1 | 187958eb3fbd9b44ffd1d2223ab9f63dbf4be728 |
| SHA256 | d014283ecbb1e069f80a07b4c356824bf0408ac2599a850e69557c82fed649f4 |
| SHA512 | 26c7319e00084e9bafb0370bbb2b6fb5b716352dd35ef97a842893e816361a88d4adb3a618a71d9921e39c30d077a3723240d390223d4db840015b512b099c84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2e7cb448881abfaee535042a9b09c02a |
| SHA1 | 0477ff937a05f6c5bea548b11345dbd284209d60 |
| SHA256 | 66e30dbf168ce6adeedee3e06aa4f546dccdabc25eefc74f0ef922a9b94d19a4 |
| SHA512 | 035279549655fe044c0dff931a9f3ab73ca677afbdf6de8b9bd3cf2c494a0899198deb7fd2871f515b2e4bef9f0198461bf3a6222edfdf1d6286b55427063421 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-as.hyb
| MD5 | 8961fdd3db036dd43002659a4e4a7365 |
| SHA1 | 7b2fa321d50d5417e6c8d48145e86d15b7ff8321 |
| SHA256 | c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe |
| SHA512 | 531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hi.hyb
| MD5 | 0807cf29fc4c5d7d87c1689eb2e0baaa |
| SHA1 | d0914fb069469d47a36d339ca70164253fccf022 |
| SHA256 | f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42 |
| SHA512 | 5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-nb.hyb
| MD5 | 677edd1a17d50f0bd11783f58725d0e7 |
| SHA1 | 98fedc5862c78f3b03daed1ff9efbe5e31c205ee |
| SHA256 | c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0 |
| SHA512 | c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\manifest.json
| MD5 | 2617c38bed67a4190fc499142b6f2867 |
| SHA1 | a37f0251cd6be0a6983d9a04193b773f86d31da1 |
| SHA256 | d571ef33b0e707571f10bb37b99a607d6f43afe33f53d15b4395b16ef3fda665 |
| SHA512 | b08053050692765f172142bad7afbcd038235275c923f3cd089d556251482b1081e53c4ad7367a1fb11ca927f2ad183dc63d31ccfbf85b0160cf76a31343a6d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 11aafb5042d784514a6b71f1f2cb6686 |
| SHA1 | 9ac36136973589d1b8aa50d1b80eabddc69ed9a9 |
| SHA256 | b70fa51d0625f7786cb07545f8164ae5e9c94bd7d592f52e24bbdad5014cda50 |
| SHA512 | 976cc525a5dac0ed9aae5c8c11c5c831caa1810ccb07bab81b584800ebac05c71c0104504b87d540cca74fbac53cd668901e200592535990b03914f79b6885e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | d8bbb42f1a6e48a6b2da9fc25556e203 |
| SHA1 | e889eb267fa3d1020dd69aad996276e68306a35a |
| SHA256 | bbb9122f0bf15a740f75d34ad561ff69bbd3845e831c2341202d9daaa1f0bc4d |
| SHA512 | c50568be5a435d607ab1b9fa164d625dfb9081284d23fb05e0ec01e767d7fc982d39d2187a1a392e752034ab036011f545c8f2c4f30e2b52c13177d90a708320 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00010a
| MD5 | f61f0d4d0f968d5bba39a84c76277e1a |
| SHA1 | aa3693ea140eca418b4b2a30f6a68f6f43b4beb2 |
| SHA256 | 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc |
| SHA512 | 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 30d8afffbb1057a9aa3a004bd665e8f8 |
| SHA1 | c6900d070dcb1687ad3dc682f8cf43b995a49612 |
| SHA256 | aba1b1db1c4d1be4124a2953177d386300fb531811d04bc2cd41925bcb2d0780 |
| SHA512 | 21f8e5de53c9e8ae790183d79d462fc42a64bbc905b144c0e74bd06abdb2f6564d792af8aa75bef318a59881d9fd44daa1473d251ee66a80f10310be9800e5fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 77e7ce86d03146e20401a2726ef1a411 |
| SHA1 | fd0d204656177acb2bfc7d98ed36b9c8a04d8642 |
| SHA256 | c777c857af0ab0a2ec969429db769dcc216cf7aebb58e1de7c6692b514d6bf79 |
| SHA512 | 079ea0c1b6b48ac1d379a004b0c91c83c31a092d237bccf47e789ccba6c81f3fd453c4f68075a0102ac123b09697f1acdb3edd5f5f3eb482adf73e4e54dd69c9 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_2005554062\manifest.json
| MD5 | b3b44a03c34b2073a11aedbf7ff45827 |
| SHA1 | c35c52cc86d64e3ae31efe9ef4a59c8bdce5e694 |
| SHA256 | e3649c54fd5e44cbb5ba80ef343c91fd6d314c4a2660f4a82ec9409eea165aa7 |
| SHA512 | efa957a1979d4c815ecb91e01d17fa14f51fafdde1ab77ba78ea000ca13ec2d768f57a969aaf6260e8fd68820fd294da712f734753c0c0eda58577fe86cfe2c5 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\PKIMetadata\14.0.0.1\ct_config.pb
| MD5 | f9d04f6b65d1a463f1a01ec39b77622c |
| SHA1 | 8f13311afc943d362dbb332b1c0fb289a722547f |
| SHA256 | b42a2649782caefe33aa7f546a02b69bb292a0d4c8ca48602bd9c8dc623b3588 |
| SHA512 | 16b6419a5d1848abbc668fff08b767af3e01abd71a94341baad7344c0dafa5951ba8e3bbe8561d79fecab03b720e0293e22b49659961d82587d3c7956addd71a |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\PKIMetadata\14.0.0.1\crs.pb
| MD5 | 5533fc3f4c1820b787df3ec6fdc2ef1a |
| SHA1 | f39ff89fcc1af711e8127c52ba55c8ad347e84a2 |
| SHA256 | 56711adeba4ecafe298eab09cf0ef2f1d7f3260a2aa4366b927029781d270938 |
| SHA512 | 5194c0562b8cb8e23fde7b561b00dd6bed93782f2e9253324a8e8ef05b69b66a549f2061ff3a9010a73a1412cc64889bc93931d0f212b8a68e39838dabd8e811 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\PKIMetadata\14.0.0.1\kp_pinslist.pb
| MD5 | fb4c5e847d5f30be002702ffab8e928a |
| SHA1 | 30adae5ee6799e233e29cb6825bde492ae6dea98 |
| SHA256 | 2fa10f05494714d062dbac514989f544036509e4181af8352bf7f8c3b7ff2fe0 |
| SHA512 | 6c0792c37f44835a10e412dc889e64bfb740337c0a94ae360149c7987216cee168f4b70a428fa9a63a99fa0d35640727450e1fcde735b42c6108ee3f9457f72f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 83aff03e397aea0fc5b1454abf4460d9 |
| SHA1 | 6d70dcd527da2d978d7e69889c62cfeacea7875f |
| SHA256 | e66a3164656df32004c5f903ae7fa478c11aab22fe9b389c630dcc5eb520b122 |
| SHA512 | 5b02cdcadb005bd8009aa800140a3e17ce7d97e7a4d97488b2bcc5cc1d9b3387c6b3c2a8cea3a483327020217663a1aa33428e98db0feae36d5a95eef88740d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e7e5298c8a3a6002a899616f63bb014e |
| SHA1 | 2e0f990dd3d6bd5f422c812af95ff854071bd7ed |
| SHA256 | b83c88cbc1520e58f4fba3822fb86b22f125fcb698947a29bad307506a44777a |
| SHA512 | ee4039f1e5698b651a12775259f611eb3bc65ac86c9411f158ea30efb0d6b03934fc9958eeded4f6ac721cf0897d75d43d22807fa1c8ff80084807d799f53127 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000136
| MD5 | 7c702451150c376ff54a34249bceb819 |
| SHA1 | 3ab4dc2f57c0fd141456c1cbe24f112adf3710e2 |
| SHA256 | 77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583 |
| SHA512 | 9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | ff6b7206d1ed50a724b69e3d8fe09ca9 |
| SHA1 | 47c3e7824986db9d2e6f67521c63ff2c23fbc383 |
| SHA256 | 0f2e4c0d5b99f2c67d4cf6cdcb7c7d0e898f6578ab3717768c116b0967db981b |
| SHA512 | 28f556a645e9755b268dc6ca01f577f88aeaa7f4d68b04e808873c54bad4e4e18f3d0d7dc8a7e431e77c2b10df781fb66d0035c6f45c9781f5344d053842420a |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1010676493\manifest.json
| MD5 | 077da41a01dde0173ebbf70d3b7210e2 |
| SHA1 | 4b3c3deeb9522ca4ef4e42efcf63b2674f6a5c07 |
| SHA256 | 23bed5c8ebea0c376483374bad7baf633a7e52f3e0a609371c518e06e645bda0 |
| SHA512 | 2822d02e2b3c6306e6d71fa62e7f472b4c3cdf0cbe499b70ac60a0a50e547ed47c394d7de88bbef2e6015920442b9d30cbc0d6869d154e02ec251712f918deec |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\TrustTokenKeyCommitments\2024.10.11.1\keys.json
| MD5 | 052b398cc49648660aaff778d897c6de |
| SHA1 | d4fdd81f2ee4c8a4572affbfd1830a0c574a8715 |
| SHA256 | 47ec07ddf9bbd0082b3a2dfea39491090e73a09106945982e395a9f3cb6d88ae |
| SHA512 | ed53d0804a2ef1bc779af76aa39f5eb8ce2edc7f301f365eeaa0cf5a9ab49f2a21a24f52dd0eb07c480078ce2dd03c7fbb088082aea9b7cdd88a6482ae072037 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e3cfff44622d0408b58ad62a1776eee3 |
| SHA1 | 526c26063292e8c98657e3eb415383d355ce83bb |
| SHA256 | c00b23f154e00d0bc2314b0ad03ca98618ca71d9986d523f7a631778443b6d75 |
| SHA512 | 20598dfd7a6708598169966834d95c657dbc97f1c20475adb634fb7916fb8b6991a0aa969259a9e56b628ceebc5e895ea5d39f565db52e3b9786c6443ebb1213 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\99becebb-3766-4557-a55b-a5033431c756\index-dir\the-real-index
| MD5 | 00e3cc2351cb15dceb71eab2a09cd278 |
| SHA1 | 2664bb26645fe816fa1940ffbd67ff496d48375f |
| SHA256 | d8ffd318209469073c72796e30b1bd13da20666a8d51cf39c767cb7e16e1b82f |
| SHA512 | 0f524e46a4ce2c9fe53fcc3adcf7a4be5e4b51d17ed0bc0919907722e733145f1f7d019290e8c026c9409d98bf39a30aa0e07bc8a721be6450e038346a4c73ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b2d14a5224baca027ff836aac6c2541f |
| SHA1 | ffe70e8a959fcffb2c5ab2a82d36d27c7a518719 |
| SHA256 | c1d7cecdb035798d7e7c38cfe91a5fd424c948a6d8c76e9b6748f87b58fb0382 |
| SHA512 | dac712c24ba41135cb2115fbc2b09a777448bb582eb74c018d260f264446abeae1cec02e393bc6cd37b81dcec13ec6a9747c757702f252a89f446e2c4beb0ead |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ad6eab5b4781ce38af275e54caf0b6c7 |
| SHA1 | e9066761abddee88c1bb28e28b0feb5092d832ce |
| SHA256 | ba189406d9c71581067046af019dfb04ea8c949cef1f52c3dc962ecf608458dd |
| SHA512 | 20b4b4ae3bc4b69936c3fd3949bb03a4bf6d10b852de3a126fbbb707fc4551c0f836ed20c12a4f27cbbeab86895dd30dab4690a90fda8dc9459b00920b5e616d |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 83d811102c7f1e310b86eb5bc4ca04dc |
| SHA1 | bb5271d8c276b32d1d55713364371c30a9ce7fb6 |
| SHA256 | 9a49c3f614870052398fdca1ce159e7f02b450a94bf88d1a95c9fad810c3ae01 |
| SHA512 | e13309c76e824367ade6087b990fc5dfc4dfe2d7d2313d344d4aa067495c2d80c9ecd1d65353468dfbc85ba78a93575d53174735d91d01b4e5f71ab09a6a9815 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b4884960ffd1d8d0d703b1a0678d1021 |
| SHA1 | 5b65d80430d8340cb5ad787c8d93c8a36160a428 |
| SHA256 | 501cd8292bdf8bf557fdf99340037fc4f3a182d32633d272bb4b71d9630e4c4e |
| SHA512 | f15518949192cd41fd474d2e71536793e50cd54f6a32c77f1dd01e7f6e60218e5c5243820e5aefe6c1f40c85ab4ed73edcd395c1b1023b5b13cf4d519ecd0ff9 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\manifest.json
| MD5 | 2188c7ec4e86e29013803d6b85b0d5bb |
| SHA1 | 5a9b4a91c63e0013f661dfc472edb01385d0e3ce |
| SHA256 | ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62 |
| SHA512 | 37c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.57\LICENSE
| MD5 | aad9405766b20014ab3beb08b99536de |
| SHA1 | 486a379bdfeecdc99ed3f4617f35ae65babe9d47 |
| SHA256 | ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d |
| SHA512 | bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.57\Filtering Rules
| MD5 | d7c9c6d2e1d9ae242d68a8316f41198c |
| SHA1 | 8d2ddccc88a10468e5bffad1bd377be82d053357 |
| SHA256 | f215127185b2ee6b01e12b6ca75d3e5c4e454598dd4aed36124ae13d59afd547 |
| SHA512 | 7fd14824e9200dd99e1fd2cee402656dc0cfc3d0a60058c5eb05c68e9e65b7f0b47e550fb4d6c2b59eba204dbf3ef9e69dc9723b43a9b3ccd5412d6b77715fc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 72e12c9c68f78b319098b3fbc5280e87 |
| SHA1 | 1e6c4dc049e5a2ade46675d4864a6f20d8efbae8 |
| SHA256 | a5d0971b0fbd550acc56fc726ecc5795cdcb0f915a45111fc7cadbccff6adc2b |
| SHA512 | 829ce41f2b620e52f3d864d00cda3cec1cb9c1ee3bae82244709b49a021f9a22d20418c106b117cffdcaa8cc29bfe82ab58342c5e0c4bc511183e69f151abe6e |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 2c176c157ff7929b0ea318bcef7a96f4 |
| SHA1 | 20281a7323fd6eaef5b048b963b66206a7250f52 |
| SHA256 | 488e0d21b64ca95f3d80245874d2b8316892f278e7d1c13e3daf0da878dd1760 |
| SHA512 | f0932649eb8ad2293bd791d8d8cf50ea26ffe875ca47946aa11d243e1e1aafcb848e6b07dbdb407449566b38cb1ab9c0c31b9b52cf32e062493bc50c313e8c07 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ef7c677d363a564632959e1ec7f14d97 |
| SHA1 | 50a8fa051fe96af1a78d7e3e7beafe32ec462ba4 |
| SHA256 | b815e0b3886c53a93b3269ee2bd72212fcf54b877488d25abd5e12be6d396d37 |
| SHA512 | 9b4450e5eb5f4629bc81e95c9212df8108742a8bb92cd8728e753ccd0f005ec4f1dd00684b287910ed1ca2659404156db86072bc0a9854dc3d2f6a9a725b02b7 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | c91c6d4b845f52eba44a327852698375 |
| SHA1 | 16a9d4ff63b636580fdf9c9d2c4ddbbe0cecd2a1 |
| SHA256 | 65bd52569968e0ae498511e26086fc8d45639aa096ddde7b1248e9c9797ada40 |
| SHA512 | ec19246ff5ed8fd93d89f0bd9952b2fd8f3f355647bb7088318939238c145b4eeac3ce3f25e697a1422bafdf5359c88298f2ddb05b791550649dd39be1ef7515 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\Network Persistent State
| MD5 | 9764366ecc1837bcb3044a58652e7c90 |
| SHA1 | 11aaffe5372353c23f03f33de39c82c45b8104f9 |
| SHA256 | dc26ae125f0d300a3851371e43493ed413b2e420822e3c4078f8ced502ea0e74 |
| SHA512 | c5ff33a2125fcd58e2b6aa5ddf86b525262306f013f22eada90ffdc1ce329299cae4c48edb3e5bfe663186fb4aa371d36ff654d16ed6342c0b4397146e63c7a5 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
| MD5 | 4aae098c5aa1550ea3220ac59a62e516 |
| SHA1 | cff107c1d9c756d7a1588730481477dfc2d39644 |
| SHA256 | 81175eb792b3206c4bc552a3be9445264ace893feb32c481a3f298fe40cc7fb9 |
| SHA512 | 8b5d6589bfb6f6ce1c9d03aa744c682ee41f0346d17591a1c8b4bde26c6f2b0add960af788f31b717b58e8620d1dfc7a8a39adf6b3d76c75108f5d974d71c2f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 782b679b901aa41dbe7333014fa3f885 |
| SHA1 | 5d29e098fac090499e2726d242c3b57626a7f4ef |
| SHA256 | 1f28c9ce2505273a7d6bd9ffa6ed8cde41d0e70b9cfd46c86e5d5c4170ae5176 |
| SHA512 | 290a72d79c2dbca32b32558f3bea2557566c602519796ceefd8ae421a727dc445ced558288a2c452a9985f442e3a2c25d946f70efbe07a67193de20a586be271 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 151f6fe581f16567eaee76ba9b202039 |
| SHA1 | 5754a1d8ce35d4c1f1f3d4aff067fbc187cd4472 |
| SHA256 | ec125ad8f05b54bcffc03e0878ba58135c6a080774dc359e36954432ef806639 |
| SHA512 | d3e88a0c847f678682047d936f780f61f180a5b52770597b4df907bc44dca875e1db4c339f470ef8cfee629f81c6973af0118ded30f1ec34e8a9cf7569c4c9ee |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 5acca8a2cee67a52b815f567bb100e6d |
| SHA1 | b4bdcd27b41152a7481118ae6618e22ace9172a5 |
| SHA256 | cac39e0a75baf339674e330cd11c7062bcf92fed76b66e437060efb8b660faad |
| SHA512 | da2c20ed68a5887ab2fd65b4dd91f3eda2284da1de8a7f86919c3b6f15c7fe26834799ac981e0ab64bf27330feca6c3b63fd349f72448bf6266ea74ac6b4aa9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f0
| MD5 | b7a34c4483d67a268f3846a5c759a00c |
| SHA1 | 76ad135f169710cfadcc71cf6fdda6ad27290d75 |
| SHA256 | f40d158b80257287f0bb3647f690bf5db982a85a262cb4fab2edb276cf646881 |
| SHA512 | d9ec2a84cf7b4606eea1c9e15ac3a58d4bc6572451bc6c59f7aab4d73cd0947dbf3abddcca903529f99cf2fb53e109e2545fce4e92e79d5d76c2ac9496f59de1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000151
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | fd0d419d35cd486b107a457d4d9b39af |
| SHA1 | 852347befdcbeaae2e1c90fcc4347c6f96061328 |
| SHA256 | fc161bfe6546a7ad5dd40979bd4eb54c4500ad3be82910b5c64e049927891a6a |
| SHA512 | b468410a404917f7d048d96ac8c72b7ddd4c4c198f24c5be3ffc969197063e5d5e0c8f8cbf91abee01a9210265e5cac0ab4e756cbeb4cec1f10a1ff0c568a84c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 123fc0879381d4311e4a3d3a944220fe |
| SHA1 | 7453b14a8acbd92fd50210d4364d6602ddc60131 |
| SHA256 | 801d38e7e32b7d815c23633701f8bada4885ce1149d01832f31e45d972334c78 |
| SHA512 | ba3e791cae7b5a67cb6ca0ccbddc3f6aa683ceb76093fb96ff7a2538a2c8a5c3b43cbd83cc620b1e4d24ca7d1e8f43d8e0cf1eac47b210120e0e1a803ed0a8fd |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 39e356e2774c77efe73c365db4a3a0bb |
| SHA1 | a9e1733b0f7ad7945cd31df86aab77c72420c55b |
| SHA256 | 97de988b923784ca41aaae17f2a1695576555a2c226d72515f3bc292925e3c86 |
| SHA512 | 2404bf4c6bf23777055bc346dec639aebcc29bbdf82b1c8741dc6bbfb510379053a50c1ad5c0a45be3e892a5ee734f927ce50a7ad0c4e283edde82e381926768 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7a39b9f76cbb29b10672cda4f9af1688 |
| SHA1 | 59ef57586a07fdaa921781d88be607dcda864d25 |
| SHA256 | f0b34485efc10978491b27b7fd7c0d1b164141df7e48db4965e2fb2482890c4d |
| SHA512 | 0b5ffdc6b386542e3915f50ca4b3f963455bfd334c7497a40205baa0085de8ed30bf162a25b84ef55e9886f04173fab73ca1353630367490b7dba0963a7392b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1469e1f40b1c7126b4684b3fe30f7514 |
| SHA1 | 05bde30b38ca84c36156ce4380ed1827b3224893 |
| SHA256 | 3ecacc9f0dc8e5873fbe2dc0f272c77017f7889c2c7e7541a022eb67b6c57d14 |
| SHA512 | f914f47321792344102ba0dbd2e72c096e0220c1dd686a6e23577a33ccea5ac9b4e6bb9980694eb1fe93aa76175e15514b5012d38e843007eb9c3011affc92ca |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 5c8ca9d65d910e6c5e04cc461d067b97 |
| SHA1 | 28b51ba8fda48eaaf0e1febf73d84579baf2f05c |
| SHA256 | 0a70c27d97144377a0939a38bc19e4f1311f3f35d2b708d9b1ae2ceb771644d7 |
| SHA512 | 46304e0ff9092138f22b1613a471b7185544a1d4c217bfefec82d7b048472f643df1e6236e84f79f25ce0feb5b185ba55beaff7b914fc03585817c8749c9d8f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e13c66bad58850b0d22f848bf2e58871 |
| SHA1 | d00c0222f38aab9f6f9a7c3cf02a7b4d6d1c8d4c |
| SHA256 | d098c2414d173d8440a758714bb28f63c164ab963221f19f45382cbb99c54f32 |
| SHA512 | d101c85733a608564e9116b209a648859c225d4f4f6b8613676ae9166146f91a6352142309a72b3c2f0fecd3e902f2140e5af1d3f8b08da0001bad398524cc60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ed
| MD5 | e28df69ea0da355ca94300019a817506 |
| SHA1 | d810626a8f00c4220bd28d9b3faf5d06a230e76e |
| SHA256 | 6528cf07dd18aade90938cf69275f5a95c2b9336759244207eec50380c621828 |
| SHA512 | dbb7f46532c864f4ea9077d9e423d32ceb84c27b2ee3d9e3f0d05b2dae88dd64acfd23b7a794317dad79deb2849f639866a593dea47501cb1a1203849766325c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ee
| MD5 | 8da6d11aa802833875eccc8d1fdb04f5 |
| SHA1 | d572549d3d0b888f0e5d668e5c55ae6e4a0fa7e2 |
| SHA256 | 8fb214c8d218de0adc9176995788a9865a82a38af9377be4c136fb7d464c3951 |
| SHA512 | f57d4fd0d82d0e384253454b64f5c572096a849a572712b6aab57e4df0dbc0139e7e39c8f06d897799e05f28fd041d7eec79600b9cf2907ca52ffddd933b93bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ec
| MD5 | 973e6d40dff90cae7490668199df9a53 |
| SHA1 | c0d53515eeb3f8a12738c038c404bc1e4d8e96d8 |
| SHA256 | 76396a3e3c21d41ae78a1fb8c539f0b4685e2491bd222d1cee157f24836300d3 |
| SHA512 | 52849cf980427287e95d4ec8bccacd43c28e8a48df0f72b0a4551636f879d1bd24b41b039f017f796ed1ec84215910ce5c74dadb36b8e9a53ae3d233cf3d43b3 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 0c3797d3f2687ef049c1217b2774a9bb |
| SHA1 | d798a21c397d092e95a6271354cd5b1b560503c8 |
| SHA256 | 465655d9ceab9623052f6d7c6593551d2c6717952a3b3a12cc3aa43a2a358c9e |
| SHA512 | 6f2a21c9dc71cf5d29cf6e4bdafe8ead589ad609662f42c22049d5884ac55a8148f0e88f77c516c37280ac16fab3f5aef9c729192af7fa8ce6131fe6074eeb5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 25260ad6693a6627299cbfbdd67a1329 |
| SHA1 | 766535425b2e8be88ac4c5d03155b5f3a2438052 |
| SHA256 | 77f7031d8559c4ab73794a561dda3da4e422231912542c20580cb34075d44086 |
| SHA512 | cc4e4fb8fec10398156d9c92c730a2c3cd4124110b69d62dc4aa58cee101aac732a965dcc42c55e1e6a734c6eecd70982137a8d01556df5c38c3f9fd5b1a5367 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
| MD5 | b577a6b7411a056d6a4dd8c6dfbf1955 |
| SHA1 | ed34c4f6f062bff609d03945f9c1340560e7779d |
| SHA256 | d939c855dc49a445604bc7db1038368bd59d2e5b997e6b02f62f066c21bc7190 |
| SHA512 | 3ca16b9e52b8a1c4127d647e67f3461885d528cee258b4395a7ac91882312863d297e9f493e9bcedd36874afc69b7943c57f2443e5412b9441172f5036422f23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4dae599852d8becf4226e3716dc630fd |
| SHA1 | ed01711d4787690748665b393c21a520b43d33ef |
| SHA256 | 6160bee59f06da6d0c93510c1b5992b08644a2ad641b74da43004fabaa94d812 |
| SHA512 | 7d4edd64aa18cdf7f17b785dee93a519191729f04fc4f4db764df1a51fb75c10a1365a08a69535191df95642655f8d901469638bf326922f01d92076b561a696 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 3d9b516453a36391cbea5d34d7b8a044 |
| SHA1 | f882a9805a9d62f5cd3110d418b6b9e04ebb66cf |
| SHA256 | 638b856db286c328798b539cdee6efb3f779772d6d37b13985f940e3cd625cbe |
| SHA512 | 4538eb21c05e0a99a22d5250f650c61e4b7f4074f9c176c651650aef9a9d264bc26b707ec519bae9654d8066c344460af8579d89832d2774619c207a184efd43 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9f9e253b8dcf726fec5db3f591a02b9e |
| SHA1 | 3d2135f29429f165488eaaaa9e1519a72c3b3148 |
| SHA256 | 3d525ada9b9daefcfc50f4e7bd95a46d24a02fc2b630747b4658ecb5d7ccd082 |
| SHA512 | e4709ef8534fd41bfebd8357f2ac5aa88a9c51d2fe1f583bbfbd10801099c63801a4129db962dd3b4065e195637509c21c994535ab578acc3832a62cae275e5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 719f88c4c247c551e8e4337bed980a5e |
| SHA1 | 59c6f802942ca4c041f3173cb5a9041f24470f79 |
| SHA256 | c386cf2348c18ec6142d96cab16c7e1545bfc0db8210bef0aed003b4815f179b |
| SHA512 | 8c6a24fcfeea0c40afe01c22a6b99dbab46fbcec2428ae8dd66c6d6c8e9b243dcc1216e6b995bb8a93861feada7bebe8c3086f5ab357813112d3099dbf203904 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 98b9bde87fa0f4f180d14f3bb53a5572 |
| SHA1 | 3de5dfe3551790d5af4ab89f9c0908db56dec58b |
| SHA256 | c531b55b9aac13acd9605ea3fe534b590ae5b83beb3556b412405f6362d436e3 |
| SHA512 | 0dbae634303bc1977a34fbeb45b1c50ba2798ed2328a75c86190493c4e04cc44a8967394be4bf4739426d3612e9082a1d36095f78bc12c4cd802b1c88ef4ff11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 71d6a4b41e0918221d03ed91caa0a00e |
| SHA1 | 4fdcc0aaaf0a3f9a4713fb40e0ac225290d0e065 |
| SHA256 | 3a14490aaa9d1b6da5742e4fa7374c439ea11efd39386c4f936db67f75488812 |
| SHA512 | 65d5e8e2a7edca0cdefb8355217fa836ec8724deedd91f1aa3c834e35e2db4ed629c0bdb0e9e32f73995bb5c666b196d307b99e1fb2148afd78cf6d7bde5d937 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 569fd0fa7a01ec127514985971702c18 |
| SHA1 | 00d858fb810c1d67223f19cec731b9c22b723b02 |
| SHA256 | d263fb451a9b7548707794b02dd8b44ba553d7352eed633327a18e036f483fa2 |
| SHA512 | 7a36bff4ee002754b55b46d51676ae8640aa9401a1596c42f100173720e39bb0dbf8c8085e351e7f41fa4f1221e0bee62e3bea02418ba80105e32df6c10cbf2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b8de9ab957ceffbd8fc01eb2383c0bcf |
| SHA1 | 8b204158dc92555c59f18c2938ae24f5dbaf4c02 |
| SHA256 | ff67b8de9ff778d47fb3a5d4958dc61c58ab2219ea4fd00bdf76c1d938057b47 |
| SHA512 | be3afe3f369c106b1434b73905d88884ffc416f3126623fffb07799018baac977a3f8ba0876d283265f33777a4cd4671b002356774852258211364c92d140ebf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3d958e44bb0ffabdb41d9b1519c69d23 |
| SHA1 | 1bf9321471aea6a6a4c280089800efa297c4a60f |
| SHA256 | 33a8ff418189c2baac04a3180f4b833382d190d3ba6fa465866d7a225fcb3c51 |
| SHA512 | 9a890fb65e78a09f12a9fd28f5f2d4e656edf87634fd2001eb9a97130a7e4f58627dbed655b49974b1cb20d15c3a6ff7251b8fe4e9db3a6758b4dc71ca6bab05 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.195.35\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe
| MD5 | dc1543edd0dcd56536304bdf56ef93f1 |
| SHA1 | 1a8b2c7791f2faa1eb0a98478edee1c45847075c |
| SHA256 | ccbb3d9a4877999a55b2ca6b8128481e91c4b56780f581226f916c0fb2db0772 |
| SHA512 | 2a6b4aa39bc3e4d234909077d5c6d75b9968c1778d505cc12431afd7aebd01eb65ed2f6f0c53c67f18eed7e97b67a93bab8c44574e3918ccd5cfcd8681767056 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 2d428005a76e582d194c369959bbc304 |
| SHA1 | 7c35dbc62487e3d031eb5a70be84ee477863b8c8 |
| SHA256 | 817e836c5501d7fdf6cadcdaca1707d0efa8aa97b27bc2cd24bd42f376f182d3 |
| SHA512 | ca74256f0a1673360025d80a6063c6a3b26f7f33eb88569a0880b99689959d14226904ef7a94cb315649c548c31b83d4f31511c4a25b7c63326039a51b58ff5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 29bdf20506b9f2edaeec2ce7aa194f2f |
| SHA1 | 832fc77598a25ee8f3e0fc459a3189cf821e6a49 |
| SHA256 | 6a447ec7ef970db34c226aa61bcb3b7dd66feefcd8ca5fb37ec3cbe8cc634675 |
| SHA512 | dffbaaf00419c63f0a822105e111718648ff5e2affbb096a5094abf47a052e33e9643a8d301c9ee9fc7b9f3b834caac40f832d55180e657edb4c6767fe499e8b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | 6bc078cca159410ea544ab921d3de7cf |
| SHA1 | 592b52c6b7e90c4208656b62130e4c61a406d440 |
| SHA256 | d8d1eb3baa0e2348173b8f6dc3f0da5567796fc6e0cdd2171014212f68d826ca |
| SHA512 | 7781ace40ed6fcb1ad7e63fffc39167d8e978064f55a55311abb52fc0aa2a1211989d16c4f3a54ed52112b745502b9524e130bca489f2a0a22a8601f6c93bec7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ac910649cabb8df4b19bbfd989fba849 |
| SHA1 | 0a88c249c61a2543f55758920526b6bd2eb78c54 |
| SHA256 | d0707f04c1ce4b7a50fb4e84c87fc648889dde0a2c0b2e737de9bade8aa1d58b |
| SHA512 | 145e4492c69d70c5f416fb4306c8d2c92e9f68970ecd1f0881484758fba57219930b108f5a30446dd59ad54a573c79dfd57349a78c3fbb63cba87a065c85333d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | ef78e0e003609bc3fa481c7c33670ee7 |
| SHA1 | 1697c47ef409f2c554d2a4235a08217943448ddd |
| SHA256 | 89878fa340b725ef3449480b92dfe1a233decce7160f385609bb49b70a14517d |
| SHA512 | 4c777b5c7788d40936c2a6dfc3d286d4c1dc61bd728f8a961b1e27b2b391775ccb32fefdb3e109b4ebe0f2f88bd31c11d4f19fced8617431a8c23bfe83764975 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0d841345b724567c_0
| MD5 | 9aa8ba3747e096934245a068aab86998 |
| SHA1 | 483f6cb7b81532410b0b7ca459254d89fbfc7fbd |
| SHA256 | dcefebf5504904c6e76f67329d7ae82f905a09652e356144b3a080896d913131 |
| SHA512 | 3340f8e1bf6b47ba36197502052cd628cdd248abdd9516aae0a8ff98f783350332775c39a158e0bd40af6f40a98510900319c8beef9708fcca8edc5dcc3c85bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3a5e587b1f858ef2f5b49815d70fe4e0 |
| SHA1 | 21015f04186682d76664e62118c8380a0aa14785 |
| SHA256 | f9c57821e0f9323cccdbcfad94ed67dc0270410cf974047fa0cd10c98dbf94d3 |
| SHA512 | 1b1cb189f8993b18fda6b048964c4820457b77e732474b5f44d3d1ea170966cd79d1bc510d60703a6b37852332b531e0bc2440f1b08673d1d590f2babbde8ce4 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 53415e5b22cd80bc7a6d1fdeeceee18c |
| SHA1 | 757bf251c4d54c063d3b3615f30c411555d23938 |
| SHA256 | 79203c489bb8beec6fd296548ea243c88674a5ff5148a20e3d4430381c1839bf |
| SHA512 | 8920d638fd31dc0aa7bc480a3c102b089f636d061711243169e9f59453b065d07548fac9773f9fe619498f3a96da46e7349aaafd3490faf3075f002e6e1b71d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7724f68717247045e65f369fba479ce8 |
| SHA1 | 87975a0ecd44dd389f1ca6ecc1ced83a3d6c0c7c |
| SHA256 | 538265a5205cfad8de82a694e24aeeef2916626f94141244e640381792a3fcca |
| SHA512 | bad62c66128080beca2e02b84aa21e2d0110acaceebbbfb7b7713f6faa091218d9d3584bfe8dc118dc6339b1a0c29b1ef83607fd445caa68fc6cd609c0f64f0a |
C:\Users\Admin\Downloads\Unconfirmed 78078.crdownload
| MD5 | 3ed6024213496613d1881c71abb03d00 |
| SHA1 | 83bd095b53b81b11ab44a9b4b73ffb7d2750b989 |
| SHA256 | 56a3bc1c037fc18536914143d057dae1064499529ec59532eca83a50a0e97894 |
| SHA512 | 404f0f56aed2f7053562d75ad49a71470905a7339045cec719b5bcb16811cef157ca55cbb5172ac194997bedcd1e604fc24555451dc08f90de0dd50a2f3c907f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 029b769edfe24fa0a8398be641a4fe03 |
| SHA1 | f0816df503a1de16feca296e5cb6a9b4203e70c1 |
| SHA256 | 7fbfbd78f742f739ffd852dafee94879a9679937324a5985fda234c0d0cd4a9e |
| SHA512 | dd80cb3e3e3820cd09e03afa5b8ba13534fb42b83fcaff494ce56944572c38751fd5d76bd083ef6efdd0af2b147ac19244cf3cf3f7dfc66a324d0ba34f65f232 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b3ee2459f69185ebe7aa89cd38dc53af |
| SHA1 | b54499d24322814002806c9cbe0c3f6e19af3a65 |
| SHA256 | 442af14ac040df0e5df466de2b52f53c4f3ce3e357a7541ec51bff38909eddd6 |
| SHA512 | 0d1e212c238cd6adf72414f5849c932380e309f7aebc103a9a864dafa61f744ce791136fa8cede0c6d878002684876c80c3c6921e95ab85aa0fdc1e5522cb620 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 73ac3d427384e873b22f513f79c2bdfa |
| SHA1 | 0b9943c21aebd079a4df768c9bf585dbf0013967 |
| SHA256 | af977c2a45db4e802613771b371a0f718c31d48625832eb957f4fe7bf756cabc |
| SHA512 | 66c709bd8ecf7678ff5d6a37f15a1deb70480248da29c3209d34bacf2ce469157f53bd95af2aea64c915d5e4108118b0edad1e8d86e03a9ced9eb79934b2e8c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c467fcb2ca066741dc079a9d949450a9 |
| SHA1 | f7d9a93834fa799e193badde5a2dc19b43586aed |
| SHA256 | d2849642f945fa4ba9caae7ceb8d3fa5a4f807e20ef480096720e06057328ee1 |
| SHA512 | 479e8998e20d55af61838cf10493c8f48e5de4bf614668d06a67bd29f5631cb662271a6711382826bc1634fc6984ef0538e573bf496ae4dfb2d10a4dc09dea1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 085bfc5e3029cb1b82a7a3f584d0c2a9 |
| SHA1 | 27e3d9d69e7bbef05b9df81673ebc055a8c04791 |
| SHA256 | 85231e88ab61f4368b1b41b04f45e830c4013f6e376727ed58a58bd225126b63 |
| SHA512 | a9533d67f4037b49c80e5c7eedbf1b17d1aef32dd6e73e6ce7679104654a05053e2a73190543eb59c00ec575ec622bcff153d24a312c152101f8e1bc3b005bbc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7c125212f5302227f46427caa4081e65 |
| SHA1 | 90079b56be10783832f0071ab5b1c22cb8fc5f30 |
| SHA256 | a825806e93998dfa27f850cf6c5ba6da675e46fc46784be860ed041ab8837001 |
| SHA512 | f951ef42be61f6c456ac1f32b6f5f9c3ad378ec278168297402a8cb6dd8d7b51385d1a9b90c9d56eb7c435771eaa10839c1826fc7171349198d4fd37828ec08a |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | dec3e043424d9a691886acb432cc4e95 |
| SHA1 | 927c894f64d7ed6f0a9c096d60f02a92cd97ecda |
| SHA256 | 578e7f8b0a14d85e825988dbe20f88acb924f9bf463ff3f8b58a9cc96ffff002 |
| SHA512 | 29210487fb7bed0dc57ac7f4071c8b3cb5492d929a92995c43805e136fa18e7003a25aa8ae8a623902dd94608c361cdeb57a5b672bde51d33582d6624f0b83ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d719dd2b4c2647fa50101ff92580012c |
| SHA1 | 4059e70ff1cab5f0ede5655a6e143578f8fd40d3 |
| SHA256 | 453d9bdd31911f85bada9d6c9262a0143ddfcc9eadd34cb82328126ff23b5a2c |
| SHA512 | 77d43a120b03e907d9aa438f5e4ca9ebf6267363c374be024472d57c956b8d8888414823939a5c9c28251af31cbf35fc0793625d2185c0b461f9f64bfb472758 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac7752c1408f767c_0
| MD5 | 6b2311d784340ff4ddb6e01fbf0511dd |
| SHA1 | d44c87a4ff72cd90318983c39532f14876aa58d6 |
| SHA256 | 3cfb3c90c56103bbadd0c632cf47eb111209e70ff9799d53c97a6e8ec9e4b05b |
| SHA512 | fce48025d22c7d43d303c2fd92703144be3f14a969fa136bb0bda0ac977e41fb1fd0fc2f16cd6460341d357f8840a1d80212b42612c2bbb11f43e8943beb46bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1597446ebc8d040_0
| MD5 | 9f2bde9b26f955061a954e3e0b1eeb28 |
| SHA1 | 77ac01e1ab695e355475217a793f6c590d840630 |
| SHA256 | b7e6eeff0cd8e5891816fc720f3fc7171b004d2c9e23d92b58e7b66cd4d1e973 |
| SHA512 | 247fa57ac5ddb489db352981547e9a550175cb977c06626ead172ca594ed35fe9f7a6c0cb99f064731465283c3c7c1001d4130d3631545026c6175990d4b7975 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfe07f2c15075c28_0
| MD5 | e41373690d68d4ff5876fd9d0adb83cb |
| SHA1 | 84417ffa9ec3ea6f69511ecb3bd9b260dcef5f20 |
| SHA256 | 618156ba42af67120828451c6612f703add790645442d2a6af0afd528ffc8880 |
| SHA512 | 01eb81f3e2020cabab6dd94f66af7d95d57d5bff76cd3bea41453c8597b457ff997d063f58943c4bd02b6c0490b1226baccd58c9cef10b385a981ea3468445b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | a789e43dbcf5ed57463c0691fac3a67f |
| SHA1 | 1ed9512cfbee8bdd126106e8b1b5ac0b4b2123a3 |
| SHA256 | 821550f7560f8423f32df31d907c821373bea580688afb79becff95df0abed1d |
| SHA512 | c4015b44c446b7aeff75e4240d72277e646991f3a4e888489090d7c605963df7b9947a4192bfbc1490baddee103e5bf613c85ddd9a5693e6b6fb9424e25018e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ec30e8c350025533_0
| MD5 | 4ffbbfcbd9aac2f6d0bb7d8ab05059e5 |
| SHA1 | 8546952bd220e5f6e87232f3a6d67fbda043a993 |
| SHA256 | 0630235467dfcb2a1dae5ff6c31dd72b4474a6d8decf87ec69b82a7273249478 |
| SHA512 | 643cc43a14f4a3eed4f522614aceffb1889bd94e88c5652514fb996d632cee3738b195cf6b04f43529cf0e29ddd8f07ac167cdca1811f0b72d1105f96ee2502d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\605167868572c6c4_0
| MD5 | 4ec450c2fc4add5a7b024ba8304b5214 |
| SHA1 | 4ab3fabe1b50e24937f06106debe81bf090582a3 |
| SHA256 | e709bc50ebfa352c6611d70fde89d487084c781750bffa8c8a12f587a3fa4094 |
| SHA512 | 596e24738b95e9f87e76cff90354a4500a4756a05f3ed4d9fd120377e7ca5a062819653c0efa9c60e91124b85c488fe754b34eb07ae1dc32bb5ab9db24f8e3b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 335df04289b684af43cf2789d76ba6a4 |
| SHA1 | a657c0a28cb9dcf801c0625d7760882e92abdfed |
| SHA256 | 839caa7d8558cb5513b6b83cde7d86de590df06f87bef34fce4a1d0a709e882d |
| SHA512 | e675f418c04b6d4bd8314bff332b3baec704a410595021045dc31ead3715a0ccb249b4180e52b7e4396e8d16b5471a251b21519707cbf2467eeb34e7c37c2be3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | 6a45a26e4398d19a5886f4585dd75080 |
| SHA1 | d1566dafff3dc3b86cab5136b462914a9a300a0b |
| SHA256 | 4a4e16a944f40e165de861c5e7731fa8dca263f68d39e04e23816773fa0d2f9c |
| SHA512 | 77d15170a29398b943d272e294a10731ef34f0322e9e0c717e19e979c3b3ef579f4ee36f4b5c48c4f445a3e307764f9a7cc2c0a7d96a723f74ee1c071d2e2300 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | 1a4a7191d4c8d3a8f6706c3225f6bde8 |
| SHA1 | 80249740c932421e4cbd569b4d07e182e59c7b65 |
| SHA256 | ff605ce6d299d1ae3f5ec500638a2a6e96ed51de36a7a77d7b22c2b44ab79475 |
| SHA512 | 57a45db01e0bb553f6d5ccd6a7e5a0da5647d995fc5bf7591ceff73674958c88543d93219d0df442f0d306bca5a6e5b0e145fb2cbc17d1148d817c3129ef6792 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 6ce1e021ce9b86c2ab310d6a0946ebfc |
| SHA1 | 18e32a36f6b614787439c03de0a28874dacbd2af |
| SHA256 | adb1ecf1ee3ba22d694be3b130d7afb14cda7a545d91b76ace6b6945bff81124 |
| SHA512 | 51d84d47dcc9055f4b09c5c622a3c2bd2f0d1dbaa242ff3b6edfdcae0cf8deaa0b05e46aba6bdbae7ce6867a5e04b6078a3db79a7cd39d682e3f910eaa1a0422 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1427d19ff38087_0
| MD5 | f95e34c16ba1a052c96fe766add609cd |
| SHA1 | 820b544fa78e18467147a303fa96c4ad8b8d7406 |
| SHA256 | 160b8a2d6ba141fe75daeb6f37365d2c45bf7094bbc47bddcbb57da45deb1755 |
| SHA512 | d7a11d793dc57cd274f4b04718c19eff95ff209d891aed628576a1c8aef7f97da882304fbad5a3d30c4928c9260a4de6f9f2094cf1f82e27db7f458b40493030 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0
| MD5 | 0dd2df7a7efe9b05a3f856b7503658d0 |
| SHA1 | e208770e23b6125d6047a83607c39ab1017e9abe |
| SHA256 | b6db265ef6b3d55baf66d31cb6360241362492aafaf393f06f3028260526cb1b |
| SHA512 | 3fa84a3e3717c91d44f1381530b24d6b4965135613919355d4e2d23879e82953c41ba2c606f867376af84ddbf3009f57df0cae0b8f54d4ae12d85c40155ffc8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | fc45d95e02d78bbd1b616aaf0c9b4d08 |
| SHA1 | 6f6be3ac2fffe37ff5c4ef3e20e7c5ddaef78371 |
| SHA256 | 247291f105de7e3bc5fe2c27e8925bc1c054437ad1e6742234bf21a14681ada7 |
| SHA512 | 1234239f34dd503cde862d4ac01fbb2649771acdf3bf775135e2a6afed9202f99d345c4db1a9dab4700a6ae1b99f06baf1ef73a2a3ba6ee870ffd04dd889e38b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | 585db47d9906d29a0dd3aa1b060d314a |
| SHA1 | 7a5957c50750347e0f1abcffd93fc45f92ec9636 |
| SHA256 | 2e5be9b85c25af606117af6cadd1df5c80d2def2e055ed109263394b1702680d |
| SHA512 | 475c3832f522429214fba64438e49d392a4f6900514addf8030719c40de147e1d155f05c9d69bf7246866fafe0f2806a40cc78d68b7e24d785b315c393dcffdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | fa052e023b2aba3dd55cb5bca28a1e00 |
| SHA1 | ea0e49bff76a63d58166437b45548c8d0bac3af8 |
| SHA256 | a9314448ca4f47ef2fa6e3a3939dc908524c0bbbd62be45cde86adc21693f012 |
| SHA512 | ca6d10dced4816bb134f710a3f911f6f464e46b811c0ce3eb47bd30586bc348732843829447d676ef880adf7319f2b647aa98236d2b730c17eaff2a256542006 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 8ebf4f9ba3b982a33d2ed3e65fed8cce |
| SHA1 | 6332a013ff5a19f2cf209a09437514be613dc6be |
| SHA256 | a3c5d8c1d85398dafa2444983d6f18d848a048af3ac5bfb6c5c43fd19c7f00b0 |
| SHA512 | 5d81e2ac8f78aed1095e1b73c49636cf56f2eb2c04b7fe8e7456d03487f731925ce177856333267e92fa40b08f567f6e5a426f5b187b79be3ce4153be0238623 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\19ea0c5a06faa07e_0
| MD5 | 1ee046dd5fbe357b9aec737686d6af1e |
| SHA1 | 11763c8e4ecbc9408274d879ac86a723e7463fcf |
| SHA256 | 2ffa09751d76c0e39081b1b7f39521520d1fb6a6d5d2cb7d5d25a7e08d5944ff |
| SHA512 | 34c734ccb83f02f98e93e84db0182afaaaa5a83a600a74b5e3beb27d2608815e48b543e4cfd96595f8a1f8bcf039d1a0878a4352dbb7cdc3123ac3989da53785 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | c30f6672d7ab49a2f604a8f9d7ba412c |
| SHA1 | 10208b4753c2565092f08cff288bcee7167b91bc |
| SHA256 | bdc17881f97251c66c1f3b6133dbfd490c33e387ef8c0ac49854fb925f3277af |
| SHA512 | 0f9dd0abd38a6c91d1aad73822779d0830724545898f082ec2a80f1b079e65010a83a6386922a6f0d8e743284c5e0b05eb2ee6cffcbeea6dd9753fa4f8fff1be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | ced430cd778a80f4f5347b9a785bba02 |
| SHA1 | 46a55198e319356101570be155a5b5925134189d |
| SHA256 | 7e9a047d739f03dc1aefdb03004c6fcaff67d6c400ca15d81356bb7ea92031eb |
| SHA512 | 8c5890412c020e9763d2ab20892ac5e6ecaef3bd0698cb33d7a208927c17e7c5f5133d8901a3e267d6da09971a8127d16fda3081aa1f587eb0767fe5c56003a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | 1c7344dad902e00d22eeb39345068ab7 |
| SHA1 | 7a8ed0e59832d283827b744305dab1361e3fa0b3 |
| SHA256 | c1a6d0d60528e8406144bc40ebea0f0c5d0a21046f99998241d72645d2682cc0 |
| SHA512 | f5590991ee44c2db9caa94a2d1d0e1c84e42493129c734727305b05e8d76811cddbaa4a8f162437261dabe6a31965d4b0469fc146e97c5427d314dbf631d70e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b3e82669a81c981d_0
| MD5 | d982ee27bdef994af2908eef3c43d7d1 |
| SHA1 | dbfc063447db12252f51ecafc54ce4fee8caaf23 |
| SHA256 | 7955e0fbe28bcab9f0f8a9a1e8848285ecc399ea914065cef0969f358d1366e9 |
| SHA512 | 130d0fa1a567b8ce0d619dff18553767876342804a581d9816345d1c51da4b58fc99497dd49eef1fd69ee779d452810f3dbaca49d06881dc70a178ec5f403db7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | af97a25df209aeb3b11a5a8857549873 |
| SHA1 | 44226043039f347fa501fbb904c24c57a619280e |
| SHA256 | 2874d9320cddfb0c7b284b9b5e5b14080fffbb462f0e36a64c87984f917d0c07 |
| SHA512 | baeb35777bdfe054b02a97a7b77150b293db539404885ebdd12708b29815c2a783b27dc6357eb31fa398057f14a189c19eb2268aa39f09875d3605e102b9a098 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4f85019800026a2_0
| MD5 | d47f0812853d44fb444264df0621ce82 |
| SHA1 | 2eca0a1c6309a18c11a8a813783b166f38d218a6 |
| SHA256 | dbe77d8cafb443792f0a4730cbcc14758dd53e16291ffe879615e177e965f007 |
| SHA512 | 874147ccac5f2d52ae30c6c0bcaa594c6ae2e502793ef2312d51db80ac0510e52e35224ccdebaa0afad9a4b7b3eb4ecccabd0f335357a7541e714b0b34b3947e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa5fe3b36e22e31b_0
| MD5 | 434022bda45c04e2fea8f5df8d94ace9 |
| SHA1 | a39d9602b62945bc4530ee61ef9b7198927b9907 |
| SHA256 | e16f7930248b936143a3873a77104b484f9851b2894c3d697f9ffbecc9169712 |
| SHA512 | a3b1e5932cb870d53e86eff45c09aaf1df00e8499d05bbeeab7eda4f4b73e66ff430851099745868881149c6024093e306cc0d4d81a9b790081d724e08f34704 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | 76be4c6caa77dedcb910fab23e3f7dbb |
| SHA1 | 7392f96f41f4171ad1f4f49ecb23a4979d2919e4 |
| SHA256 | 6e231d778571fb6a34370a90291f9b3872e86fe06989cd1d2d8cec3997da9f9f |
| SHA512 | c983afc60e68cda35d5b90ec0c23ddad37787a9cfd9612b90674a31497ec01cdfddc7f68cb879fcd9a970499264fdac9bd8198f9c03c5945bd273292e36086a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | 53c9392a769bc3be282f4bfbfe057bea |
| SHA1 | 842939b3773c85bcba4f44b320f112f725e7e0eb |
| SHA256 | c8650328cd031d2c3e14771c3e7b6da661c9e06dc247ab230217aa48631df4ac |
| SHA512 | 913da458daa73429858135a30dd84859178c96ba1c3a8367154307fb3db257823dc1a7b078457cba8d055c8c266ddb9fa68b266e3464eea727dc4d8abc0ba97d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a26de030ab5c02f_0
| MD5 | 5c8487c0dbbb47429f76a056f9618fb3 |
| SHA1 | 63d3e2d60192eec5291d53a8554f505b7ae76545 |
| SHA256 | dbfb1b9eda427833e6dedd8457c1faea86b35b8beb92a0f56e9a97ea9afb23ef |
| SHA512 | 8178809ede2f2ea858da2c76bb2e155b9fb843ce19ca6012c4e97b6916bfacd2445bc25aedbebd7c87308c902f7a56a1375ea0a54129183611566a8cac3cb5f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c55f45683fc2f5ab_0
| MD5 | 0b02508db1b387aedeadeea3c2a6ecaf |
| SHA1 | 0312356c566b2b4aa3a3d54c6b5bc064abcdd2a8 |
| SHA256 | 611e20278ed5df66081b4f6672b3b1c1463f0c58660dfb9852a5fdb3d46078dc |
| SHA512 | a1f7c69c26e2bc58b9210126bc01be5f1d1823f93d9c070ca89a3d14c08272d749bb61daf13796da9c25df75c50da9282dbd049f133b3e0f2cb302e9e78bd312 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7899d2b49a9daab3_0
| MD5 | 7adb19e0f0d6309b8faaa875e9824edb |
| SHA1 | 77153ec7a2eac6642f2b73715fa213fea6edc80a |
| SHA256 | 8431cb8263534b44d534c45c1b96e2ad5146b7955f60f5c9c08bfdd1da0ec05d |
| SHA512 | 709c4e8da18246ef17e5e65a111f2393b59bb74509757dda0286ee0d3370defc8f7760b21a30ddd7e782090200de5d487dcfbad07c4f20df941fbf179ba8552e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\46d8591239c0d052_0
| MD5 | d6eba23f773360179458848953959739 |
| SHA1 | eca7006f3023924401a1b916b5a37eb6fdb3be4d |
| SHA256 | de422867f63076e949d629799ce1716dadec7ffe0dc96d110c23df88c6486637 |
| SHA512 | 91226ce52b2b302bd239e8006e890424ae1856762c3f02a32ebcbf11bf51c279252d8a982e1d8d1742de2c78aae6e5ddc7e8f7a2890a19e0f882276480674a4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | bf7fdee5092d1de1c59fcf59de8fe42c |
| SHA1 | ccd6e9dc9a28f80e344f9bace98ced33acb1caa0 |
| SHA256 | 201e94fdadee9e73cfb8ff48ff5d9d0ed5104dc857fb3db0a0aa2679b5acb7c4 |
| SHA512 | cfc6cb9a97a680dcea04d231e83c62a6b920f6e84278ff26cde18ac6b62a82489dd0f048ae2e6995aeaf0a24331a17aa135c70247549d255a3bd4496df8a0d1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a267665648440b9_0
| MD5 | 6b93e319b9334b80924fa146b06db684 |
| SHA1 | cd15834039b906122461170d62455c3f54640829 |
| SHA256 | 9d28b35425154f48e7030d2f26fad9507d59950d02e15fd722cece91a8af40d8 |
| SHA512 | b9a7112c28ea2042781266305c166669e9a66401df6b58fa8b61e5508ef4e835ebbf3a747158bc841af1144e0278eb7948e1e1a4c9fa36104cb24c360bf198f0 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 70cbc4ec4beb39f74817e23961eac8ba |
| SHA1 | 7b9088d97e37ac89e6e046d684232d4d15b84a70 |
| SHA256 | b4b20febb31e169fb4591ba0ae09c23004a32b9f83345a27065fc20dcea493d2 |
| SHA512 | f4a2369ef8263a3a48fb03c32cefd8d8f4af726a27eafe55f563580506eac199c6161ddf7ff82672aef0bd022cff3a2a7f59e9f17d30fe541d1360a22fc55c71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | 1bfd5a31fb0a8f5712dac5a1e6379f6c |
| SHA1 | ae53afc5dece4dc2d1851c1846aa8a5e9dc79c47 |
| SHA256 | 2da22424a38a577135798b890db789d84380a5c3e3b451d722962d32086cf493 |
| SHA512 | 4c659d0aa98b961d63da24ef1a84c59f2521b4c9b791eacffe0ad0d473d0666aec08e960d8d06d3ae417e642b95482147c9708ad65cf6207d127002d4f37871c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | b47fbeb2eb5e2a075fc655e39192c468 |
| SHA1 | 35c90c19e8f5459c7c3f30654a1a387522f65df1 |
| SHA256 | 9e22bd324c1daa56f88320374f6d01b0305dc7fd320d4472d3832e4560e60896 |
| SHA512 | 2197ebbbb31e855ac7505e9ed3b903929450d65e82101e42329cdeeea8863f9eb362169f741de97b7633d6542100b9d8d7bdfbf3ddcec02efebc16ea94ac177b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | 55cb505e87e93f7d9a2e5bb07628b1dc |
| SHA1 | 0c62692989be6a2feb7df548d5bd70633d7700a4 |
| SHA256 | d0f23377a127c43bb0788bfcf9ce4859f0f8461bcd3d0678e87aab9a0458f268 |
| SHA512 | cb57fd8d4b68d27f4a82c436bc1b3c11bf85478a304b9e09dcaa43ec57789cef09a4ea1fc8b1b0c530bf9e8b12d059344aa8753eeb519230b640ce61eb25a047 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0
| MD5 | f220d777a5ef1c21a3eda3cd3319addd |
| SHA1 | 2158b6e8f04f6c7ea632cb10fadc724ce1cd91aa |
| SHA256 | e9643a89376212720323717c67d2e55cd50151dfb622ff402d0a9c75c42ebf4d |
| SHA512 | d08dbbfc7a3e7182eb49dacc8b88ab896078502df30a187490c3043a32b9beb8c82da7f98f541da6a0f6e231f5073bd7fa79dc8e0740654cedf9dc7830006cde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9f54d7f2e6cf0b1_0
| MD5 | b2c0c55ba1d9fd36a2464490835b884f |
| SHA1 | 85f284afb63dc594bdf6168781d4191c4b8e8f02 |
| SHA256 | bc97e6dac6f0138f4bd287a5259809058f48de1709d94ca616eefd1f7b0cbf4c |
| SHA512 | 86a06bb9743ee18a56e421ba202aebf8feca56e0d58f9326a3a570612e112d67e2ef00eabad6077638e6ae5685e317e06e0359e81487a0dc016feb730638ddc5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e8b908eeebdd740d0f129071e1711097 |
| SHA1 | 6e1c888f1412f38ff1167b055c2fecf0cff2eee2 |
| SHA256 | 8f63574dece7eedb2a6a13669d88d40e2d1206e96902d6bf4d4d48117cdf032f |
| SHA512 | 466d39e1294853553011d121e9beb545f7b9326fbfbbf01ac065929e6f243190089e600f87c0988f0248e6d45e55ab75d5f380ca5de4faae9f576409a19eff8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 888ce3f0e1eb36d17f49182ec3152b9c |
| SHA1 | 0c7491f7d393e3eb2dbc031132cdda133de855da |
| SHA256 | dd5e6ac5fddd40ccf783b92a5298e9239f5a45c0edb5be46e4c6b2d83f1f716c |
| SHA512 | 1730156652898794dac09709b9e1b45072191bb7eb8143e8009a3da72a4dd07b3cb9a1661aa2d20701ec586e4dc8211bd5be8c64561e3c532f557387b396fee6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000186
| MD5 | 9a36e47b062c2a7cc98b2c7c60423338 |
| SHA1 | a981b814d5b10e4dc0ab86fff926c960f19d756f |
| SHA256 | cd85f4762e736ff87d7184e4a146149df68c9b646be1841aab202e55ccad499e |
| SHA512 | 8e4f25e2e4af4a3317e94eb97c580008ac622ba7110f3716e09a15647793921912ce57436c31dd48578185b6cd00edb975a49a21d1684420b07cb98c0f2902ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9bf89ed50e3cd02cec7d5f8c7b2ae878 |
| SHA1 | c3fdf69545131e4e284e68c04f834348af7c1068 |
| SHA256 | 9b7db621f45547a6943e7c330c1f73dff978bbb5ad22a1156503d5aa74eb8c90 |
| SHA512 | ef00c9cb57ab1c00316323cca05bb377d7cb8c1c4d77351d9695ab12bec91559a613d3646459c99f944465e385bd629708fe5c2c7806194225d115c11a51406b |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 7783e6158eda024c839b4072666c25f8 |
| SHA1 | c30cd2c2ad07a4e23dad0cb93fd0eef65632715c |
| SHA256 | eb7b99f0347d36691d8c5146e8122cf5ab1b1653b83d3e4a808ff94d388e6838 |
| SHA512 | be990bde8f0724bfe7f147a61324d3aff23a0e2001806cd50fcb4aea368b8f2a4ea7238e861601795de8698c37c1a8ddb7bd7d9b6836a969962715b48700583b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0cbe947257ce3c5e2ffadedbad2ec3ef |
| SHA1 | 5e5a60115273bcf4aac9f61180440234ef9a1040 |
| SHA256 | d9e6b8f2ae1c2b594c4e1e813c6c65839c5defcc9f9eb1c20ecdd89114588b7e |
| SHA512 | b2deb8d715da41ef9b622d3a0d030689861da15bd32a66cc0a310e3fdfb1936fdcf0a12128ddfc8ad15ba6b02b2b08f986a9e1fc99204cfc5ace4a49dde66643 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 90da9795b2898335ff1cdc29ef260e3e |
| SHA1 | 5ab8dcdf3502162b44d315686ff0f6dcb7f14a41 |
| SHA256 | 124eabb90d5d5db9e635f26dcd4f04d380820249929a03fd48276370f2d57e3f |
| SHA512 | 8bf6fa167529c4dca5459f275cf7fe43d0ac8c24e20386c015984e9399d0b3ca4c5d6e8920819e6670d23a6be2aa14243d6172acb15cd04ff58906b88b85cb95 |
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity
| MD5 | 6c7d3441d7bdd0246dd6fc1c660ab5a7 |
| SHA1 | 75a08c34a4dfa4ba4a3d80c13bd57f329caf13e9 |
| SHA256 | cb5e3f71798d8f807bbb29491eb1c235124357461bfebe07869e6a7ba6ee5174 |
| SHA512 | 107ab661b6660cbe2e76b06a035ff2e53de38888330dca2c1b24e33db17498e7a80425e5d58765ee5274bee28f3653755a83d612c906be208d8ba404dbf6382e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cd9ac63840a1fe6be64bdf54fe48713d |
| SHA1 | f521245720cf60771dd3d5a5567cd6f8470b9d00 |
| SHA256 | 1c61dfde0c5beaac3ec52a4ee645dd5697ad2ed6de7719efbc92dd4e884348bf |
| SHA512 | 389fd8b02a1c34d37d7e9ce2777bb5e8e69051e89e930a98f9d6b69b76c15e1cdfda79fd89942f2ac1449135c5e2635f1dcade22e0717c2bfd87bca1be176156 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1f08081779664eac4c5a5632da344728 |
| SHA1 | 0e0f45131a311c9a64812e30da8f388f96da5965 |
| SHA256 | 0d852009a34646355cae3f0197e331fb6a0e2970ad14b8eb7a3939db011af3ec |
| SHA512 | 0cb2c03c4df20332b2bc0937bae8bad5dc60b58312684a4522f352d02cebde6592268ec5c581b8f0168f7ecc7ce04c3bbfdbf23b5c4597314d7b94250a9491ab |